eG Administration
 

SUCCESSFUL LOGON REPORT

An audit log can be best described as a simple log of changes, typically used for tracking temporal information. The eG manager can now be configured to create and maintain audit logs in the eG database, so that all key configuration changes to the eG Enterprise system, which have been effected via the eG user interface, are tracked.

The eG audit logs reveal critical change details such as what has changed, who did the change, and when the change occurred, so that administrators are able to quickly and accurately identify unauthorized accesses/modifications to the eG Enterprise system.

By default, audit logging is disabled. To enable the capability, follow the steps given below:

  • Login to the eG administrative interface.

  • Click on the icon available in the Admin tab. Then, select the Manager option in the Settings tile. Now select the Auditing option from the MANAGER SETTINGS tree.

  • In the Auditing section of the page, set the Enable auditing flag to Yes.

  • Then, set the Include activities from admin command line interface flag to Yes if you want to maintain log for activities performed via the admin command line interface.

  • Click the Update button to save the changes.

Subsequent to this, every configuration change that the user makes will be automatically logged in the database. To view the details logged and analyze their implications, eG Enterprise provides an exclusive Audits menu in its administrative interface, using which you can generate a variety of AUDIT LOG REPORTS.

If you want to view the details of a chosen user's sessions with the eG Enterprise system, use the LOGON REPORTS. This report enables administrators to determine which user(s) was actively using the eG Enterprise system during periods when the target environment was experiencing performance issues or exhibiting a strange behavior. Unauthorized accesses and rogue users can thus be identified quickly. Moreover, these reports embed a special drill-down feature, which allows you a quick look at the actions performed by a particular user during the period of his/her access. This sheds light on changes effected by the user, which could have caused problems.

To access this page, click on the icon available in the Admin tab. Then, select the Sucessful Logons option in the Audits tile.

To generate a report on successful logons using the LOGON REPORTS page, do the following:

  • Select a Timeline for the report. The default Timeline for the report is 24 hours. You can choose any other fixed period from the Timeline list, or select the Any option from this list. Choosing the Any timeline, allows you to provide a Start Date and End Date and time for report generation. If you change the Timeline settings, then make sure that you click the button at its end, to register the changes.

  • Next, select the User whose accesses you want to audit. By default, the All option is displayed here, indicating that the report provides the details of the sessions of all users to eG Enterprise system. However, if only one user has successfully logged into the eG Enterprise system till date, then, by default, that user's name is displayed in the User list.

  • Administrators can configure the target environment for monitoring by directly logging into the eG administrative interface or by using the admin command line interface provided by the eG manager. This is why, by default, the audit log not only captures user logins via the web-based eG management console, but also those logins that are performed via the eG Admin Command Line Interface.

    While generating audit log reports, eG Enterprise provides you with the option to view details of successful logins across both these interfaces, or only those that pertain to a particular interface. To indicate your choice, use the Interface drop-down list in this page. The options available in the Interface list are as follows:

    • Web: Select this option to view the details of successful logins via the web-based eG management console;

    • Command Line: Select this option to view the details of successful logins via the admin command line interface;

    • All: Select this option to view the details of all successful logins, regardless of interface used.

    If required, you can choose not to maintain audit logs for activities performed via the admin command line interface by setting the Include activities from the admin command line interface flag in the AUDITLOG section of the MANAGER SETTINGS page to No. In this case therefore, the Interface drop-down list will not appear in this page.

  • Finally, click the Show button to generate the report.

  • The resulting report provides details of every successful login made by the chosen user(s). These details include:

    • the name of the user

    • the IP address of the host from which the user accessed the eG management console

    • the exact time of login

    • the accurate time of logout

    • the duration of the user access

    Note:

    In a redundant setup, the auditlog report will have an additional MANAGER NAME column, which displays the IP or host name of the manager to which a record pertains.

  • If the report runs across pages, then the hyperlinked page numbers and the First, Next, Prev, and Last links at the bottom of the page will aid navigation.

  • Clicking on a user name in this page leads you to the details of what configuration changes were made by that user during the period of his/her access.

  • You can print the report by clicking on the icon in this page, or save the report as a PDF file by clicking on the icon. You can even save the report as a CSV file by clicking on the icon here. To schedule the printing/mailing of the audit logon report, click on the icon.