Viewing authorization log details – H3C Technologies H3C Intelligent Management Center User Manual
Page 122
113
{
Profile Attribute—Enter a partial or complete attribute value of the shell profile that applies to
the device user at login. This query criterion is used to query Login authorization logs only.
{
Privilege Level—Enter the privilege level of the device user. TAM queries authorization logs of
device users of the specified level.
{
Device IP From/To—Enter an IP address range for the device.
−
If you only enter the start IP address, the range is from the start IP address to
255.255.255.255.
−
If you only enter the end IP address, the range is from 0.0.0.0 to the end IP address.
−
If you enter both the start IP address and end IP address, the range is from the start IP
address to the end IP address. The end IP address must be no smaller than the start IP
address.
You must enter a complete IPv4 address in each field.
{
User IP From/To—Enter an IP address range for the device user.
−
If you only enter the start IP address, the range is from the start IP address to
255.255.255.255.
−
If you only enter the end IP address, the range is from 0.0.0.0 to the end IP address.
−
If you enter both the start IP address and end IP address, the range is from the start IP
address to the end IP address. The end IP address must be no smaller than the start IP
address.
You must enter a complete IPv4 address in each field.
{
Session ID—Enter a session ID used by the device and TAM for packet exchanges. TAM only
supports exact matching for this field.
An empty field does not serve as a query criterion.
5.
Click Query.
The Authorization Log list displays all authorization logs matching the query criteria. To clear the
query criteria, click Reset. The Authorization Log list displays all authorization logs.
Viewing authorization log details
To view authorization log details:
1.
Click the User tab.
2.
On the navigation tree, select Device User > Log Management > AuthZ Logs.
The Authorization Log list displays all authorization logs.
3.
Click the Details icon for an authorization log to view its details.
The page includes the following parameters:
{
Login Name—Username sent by the device to TAM, which is not the username that a device
user enters when logging in to the device. Login name of a device user contains redundant
information, and must be extracted. TAM matches the extracted login name against the account
name and authenticates the user. The rules for extracting the login name are configured in
system parameter configuration. For more information, see "
{
Account Name—Account name of the device user.
Accounts with the name followed by #delete0# are cancelled accounts.
{
Device User Group—Device user group to which the device user belongs.