Layer7 API Management

Expand all | Collapse all

Cutomer need reports availability for Security Administration purpose

  • 1.  Cutomer need reports availability for Security Administration purpose

    Posted 01-18-2017 01:18 AM

    Reports Availability requirements
    • User login or user access history
    • Security Administration activities like create/change user profiles, create user accounts, unlock locked out user account, reset password of locked out user account, changes to password configuration
    • List of dormant/inactive user accounts
    • List of expired user accounts or about to expire
    • Transaction log for changes to static data



  • 2.  Re: Cutomer need reports availability for Security Administration purpose

    Posted 01-19-2017 11:58 AM

    Hi wipro_oml,

     

    I am not familiar with any reports with these details. The majority of this information is however logged in the SSG log. I have provided some sample messages below for review:

     

    User login or user access history
    INFO 19042 com.l7tech.server.admin.AdminLoginImpl loginNew: User 'admin' logged in from IP '192.168.60.10'.
    INFO 19042 com.l7tech.server.admin : User logged in

     

    Security Administration activities like create user accounts

    INFO 19044 com.l7tech.server.admin : InternalUser #74afb1f8e5b1c68f1b22e7408d1f472e (dasjo02) created
    INFO 19044 com.l7tech.server.identity.IdentityAdminImpl saveUser: Saved User: dasjo02 [74afb1f8e5b1c68f1b22e7408d1f472e]

     

    Unlock locked out user account

    INFO    19046 com.l7tech.server.admin : InternalUser #74afb1f8e5b1c68f1b22e7408d1f472e (dasjo02) updated (set xmlProperties, changed enabled)

    INFO    19046 com.l7tech.server.admin : InternalUser #74afb1f8e5b1c68f1b22e7408d1f472e (dasjo02) updated (changed enabled)

     

    Reset password of locked out user account

    INFO    19047 com.l7tech.server.identity.IdentityAdminImpl changeUsersPassword: Updated password for Internal User dasjo02 [74afb1f8e5b1c68f1b22e7408d1f472e]

    INFO    19047 com.l7tech.server.identity.internal.InternalUserManagerImpl checkUpdate: Revoking cert for user dasjo02 as password was changed.

    INFO    19047 com.l7tech.server.admin : InternalUser #74afb1f8e5b1c68f1b22e7408d1f472e (dasjo02) updated (changed passwordExpiry, changed hashedPassword)

     

    Changes to password configuration

    INFO    19047 com.l7tech.server.admin : IdentityProviderPasswordPolicy #0000000000000000fffffffffffffffe updated (changed serializedProps)

    WARNING 111 com.l7tech.server : Password requirements are below STIG minimum for Internal Identity Provider

     

    Hope this helps.

     

    Regards,

    Joe