Difference between revisions of "Security Audit"
| Line 6: | Line 6: | ||
=== Filter Audit Log === | === Filter Audit Log === | ||
This option lets you quickly filter the list to display entries for a particular account or access from an IP address. | This option lets you quickly filter the list to display entries for a particular account or access from an IP address. | ||
| + | |||
| + | === Success / Failure === | ||
| + | This option lets you filter between successful events and failed events | ||
| + | |||
=== Event Types === | === Event Types === | ||
| + | Use this option to filter between the available event types | ||
{{bullet1|Logon|Shows a successful logon by a user}} | {{bullet1|Logon|Shows a successful logon by a user}} | ||
{{bullet1|Logoff|Shows a successful logoff by a user}} | {{bullet1|Logoff|Shows a successful logoff by a user}} | ||
| Line 13: | Line 18: | ||
{{bullet1|Session Timeout|Show any sessions that have timed out due to inactivity}} | {{bullet1|Session Timeout|Show any sessions that have timed out due to inactivity}} | ||
{{bullet1|Session Kill|Show any sessions that were killed}} | {{bullet1|Session Kill|Show any sessions that were killed}} | ||
| + | |||
| + | === Event Source === | ||
| + | Use this option to filter between the available sources of the events | ||
| + | {{bullet1|Guest Local|Guest account Login and Logoff events that use Hornbill authentication | ||
| + | {{bullet1|Guest SAML|Guest account Login and Logoff events that use SAML authentication | ||
| + | {{bullet1|User Local|User account Login and Logoff events that use Hornbill authentication | ||
| + | {{bullet1|User SAML|User account Login and Logoff events that use SAML authentication | ||
| + | {{bullet1|System|System account events that require authentication | ||
| + | |||
| + | [[Category:Administration]] | ||
Revision as of 20:53, 2 March 2021
| Home > Administration > System > Security > Security Audit | Index |
Introduction
The Security Audit keeps track of a number of events that relate to user access to Hornbill. From here you can quickly identify when the access took place and by who or what.
Options
Filter Audit Log
This option lets you quickly filter the list to display entries for a particular account or access from an IP address.
Success / Failure
This option lets you filter between successful events and failed events
Event Types
Use this option to filter between the available event types
- Logon
- Shows a successful logon by a user
- Logoff
- Shows a successful logoff by a user
- User API Session Create
- Identifies when a user session has been created via an API call
- Session Timeout
- Show any sessions that have timed out due to inactivity
- Session Kill
- Show any sessions that were killed
Event Source
Use this option to filter between the available sources of the events {{bullet1|Guest Local|Guest account Login and Logoff events that use Hornbill authentication {{bullet1|Guest SAML|Guest account Login and Logoff events that use SAML authentication {{bullet1|User Local|User account Login and Logoff events that use Hornbill authentication {{bullet1|User SAML|User account Login and Logoff events that use SAML authentication {{bullet1|System|System account events that require authentication