HP OneView User Manual
Page 49
Monitor the audit logs because they are rolled over periodically to prevent them from getting too
large. Download the audit logs periodically to maintain a long-term audit history.
Each user has a unique logging ID per session, enabling you to follow a user’s trail in the audit
log. Some actions are performed by the appliance and might not have a logging ID.
A breakdown of an audit entry follows:
Description
Token
The date and time of the event
Date/time
The unique identifier of an internal component
Internal component
ID
The organization ID. Reserved for internal use
Reserved
The login domain name of the user
User domain
The user name
User name/ID
The user session ID associated with the message
Session ID
The URI of the task resource associated with the message
Task ID
The client (browser) IP address identifies the client machine that initiated the request
Client host/IP
The result of the action, which can be one of the following values:
•
SUCCESS
•
FAILURE
•
SOME_FAILURES
•
CANCELED
•
KILLED
Result
A description of the action, which can be one of the following values:
•
•
•
•
CANCELED
UNSETUP
LIST
ADD
•
•
•
•
MODIFY
LOGIN
DEPLOY
ENABLE
•
•
•
•
DISABLE
DELETE
LOGOUT
START
•
•
•
•
DONE
SAVE
ACCESS
DOWNLOAD_START
•
•
•
KILLED
SETUP
RUN
Action
A description of the severity of the event, which can be one of the following values, listed in
descending order of importance:
•
INFO
•
NOTICE
•
WARNING
•
ERROR
•
ALERT
•
CRITICAL
Severity
For REST API category information, see the HP OneView REST API Reference in the online help.
Resource category
The resource URI/name associated with the task
Resource URI/name
The output message that appears in the audit log
Message
3.7 Understanding the audit log
49