1. Administration Guide
  2. Security Manager
  3. Audit Logs

Audit Logs

You can use the audit log (containing audit trails) generated by OCSDM to view performed operations information, which includes the time these operations were performed, whether they were successful, and who performed them when they were logged into the system.

Note:

Audit logs contain different information depending on its implementation.

Audit trails include the following information:

  • The user who performed the operation.
  • What operation was performed by the user.
  • When the operation was performed by the user.
  • Whether the operation performed by the user was successful or failed.

View and Save an Audit Log

The audit log tracks user-initiated events. The following list describes some examples of user events that are logged in the audit log. OCSDM:

  • User log in and log out.
  • Managed devices
  • Device groups
  • Oracle Communications Session Delivery products are loaded.
  • An element when added, deleted, or modified.
  • A device is rebooted.
  • Configurations are saved or activated.
  1. Expand the Security Manager slider and select Audit log, View.
  2. In the Audit log pane, view the following columns:

    Table 4-1 Fields in the Audit log details dialog box

    Field Description
    Sequence number (Hidden) The audit log reference number.
    Username The name of the user who performed the operation.
    Time The time stamp for when the operation was performed by the user.
    Category The category of operation performed by the user. For example, Authentication.
    Operation The specific operation performed by the user.
    Status The status of the operation performed by the user, whether it was successful or failed.
    Device The name of the device that the user performed an operation upon.
    Network function The NF name.
    Management Server (Hidden) The IP address of the management server accessed.
    Client IP (Hidden) The IP address of the client that was used.
    Description (Hidden) The description of the operation performed.
  3. To see details for a specific user entry, select an entry row in the table and click Details or double-click the row.
    1. In the Audit log details dialog box, the information described in the table above is displayed for the specified user entry.
    2. Click OK.
  4. Click Save to file to open the audit log file or save it to a file.

    Note:

    The downloaded CSV file is limited to 500 entries. Only the active page’s entries are saved.

Description of Audit Logs

SDM Audit logs store information on various operations in the Database, which is displayed on GUI.

When you click 'saveToFile' button, the browser downloads data in a CSV format file to the user's local storage.

Table 4-2 Audit Log Description

Event Description in the Audit Log
Adding Groups Shows the permission group, external authentication name.
Editing a Group
  • Shows when only single parameter has been changed.
  • When multiple parameters have been changed simultaneously, the Audit Log description displays a pipe '|' icon for separation.
Edit User Audit log description
  • Shows when only single parameter has been changed.
  • When multiple parameters have been changed simultaneously, the Audit Log description displays a pipe '|' icon for separation.
Password Rules Audit log description
  • Shows when only single parameter has been changed.
  • When multiple parameters have been changed simultaneously, the Audit Log description displays a pipe '|' icon for separation.
Inactivity Timer
  • The description shows when only the Administrator timer is changed.
  • When both administrator and non-Administrator timers are changed simultaneously, the Audit log description displays a pipe icon '|' for separation.
Password Notification Shows when a value is changed.
Add Radius Server Shows when the Radius server is added.
Edit Radius Server Shows when the Radius server parameters are changed.
Delete Radius Server Shows when the Radius server is deleted.
Re-order Radius Server Shows when re-order is done.
Add Active Directory Shows when a directory is added.
Edit Active Directory Shows when the directory parameters are changed.
Delete Active Directory Shows when the directory is deleted.
Re-order Active Directory Shows when re-order is done.

Search the Audit Log

  1. Expand the Security Manager slider and select Audit log, View.
  2. In the Audit log pane, select an entry row in the table and click Search.
  3. In the Audit Log Search dialog box, complete some or all of the following fields to search the audit log:
  4. Click OK.

Schedule Audit Log Files to be Purged Automatically

  1. Expand the Security Manager slider and select Audit log, Purge.
  2. In the Purge audit logs pane, specify the number of days of audit logs to keep in the Interval in days field. The minimum configurable value is 2 days. The maximum number of days that the audit logs can be retained is 90 days. If you specify a number less than 2 days or greater than 90 days, an error message is displayed.
  3. Click Apply.

Purge Audit Log Files Manually

  1. Expand the Security Manager slider and select Audit log, Purge.
  2. In the Manual Audit log purge dialog box, click the calendar icon next to the Purge audit log records prior to field and choose the date from the calendar prior to which you want the audit logs to be purged.

    Note:

    The Manual Purge checks for the interval set in Interval in days field in the Schedule Audit Log Files to be Purged Automatically. The manual purge date must be a date that occurs between the current date and (current date – purge interval). If you try to set the purge interval to a date that occurs between current date and (current date – purge interval) then an error message is displayed.
  3. Click OK.

    Note:

    It is recommended that you set the purge interval to a value less than or equal to 90 before upgrading SDM from a release before 8.2.3 to the latest version.