Audit Log View
ActivID Appliance audit log data is available as an Oracle view called AUDITLOG_VIEW.
| Name | Data type (Max length) | Description |
|---|---|---|
|
AUTHTYPECODE |
Char (10) |
Authentication Type code, applicable, for authentication and administrative activities that related directly to a specific authentication type |
|
CHANNEL |
Char (30) |
Channel over which the action was requested. |
|
CORRELATIONID |
Char (200) |
Indicates the identifier of the process it was done from a remote system |
|
CORRELATIONTYPE |
Char (10) |
Indicates which type of process it was done from a remote system |
|
DIRECTEXTREF |
Char (255) |
External Reference ID of direct user who is executing the action |
|
ENTITYID |
Char (20) |
Indicates the identifier of the object that is audited from the remote system |
|
ENTITYTYPE |
Char (10) |
Indicates which type of object that is audited from the remote system |
|
EVENTDATE |
Char(19) |
Date and time of event |
|
EVENTID |
Char(50) |
Indicates the identifier of the event that is audited (the name of the function that was called (for example, primaryAuthenticateDevice) is added as the 'action') |
|
EVENTTYPE |
Char (10) |
Indicates which type of event is audited For the internal audit, this is '4TRESS' |
|
HOSTADDRESS |
Char (512) |
Holds the hostname or the IP address of the remote system |
|
INDIRECTEXTREF |
Char (255) |
External Reference ID of indirect user on whom the action is being executed |
|
INDIRECTSESSIONID |
Char (100) |
Session ID of indirect user. This field is only populated for indirect user authentications and logouts |
|
MESSAGE |
Char (100) |
Free text field used to store additional information in exceptions |
|
OBFUSCATED |
Char (1) |
Indicates if this event if anonymized: ‘T’ (true) if event is anonymized ‘F’ (false) if event is not anonymized |
|
PARAMETERS |
Char (3000) |
Contains additional parameters values specific to the action. |
|
RESPONSE |
Char (50) |
Indicates whether the authentication request succeeded or failed. This field is only populated for authentication requests |
|
SESSIONID |
Char (100) |
Session ID of direct user, who executed the action |
|
STATUS |
Char (30) |
Indicates whether the call successfully completed. Note that a failed authentication is still a successfully completed call. |
|
TARGETUSERID |
Num (28) |
Id of user on whom the action was executed |
|
TEXT1 / TEXT2 …/TEXT10 |
Char (100) |
Additional fields holding information provided from the remote system that is audited. |
|
TIMESTAMP |
Num (28) |
Exact timestamp of audit entry |
|
USERID |
NUMBER (28) |
Id of direct user who executed the action. |
