We have a question regarding users in spectrum,
Is there (in Spectrum) any log where we can see when the user has been deleted?
Release : 21.2.x, 22.2.x
Auditing requirements
By default, Spectrum will log an event on the VNM model showing which user destroyed the user account. This event has a code of 0x00010a03 and will have a event message similar to the following:
Dist Model: Master Destroyed - User spectrum@ destroyed master model TestUser (0x10006e) of type User.
You can either create an event filter within OneClick to just this event type or you could manually query the Archive Manager database with the following query:
- Open a command prompt on the SS and run the following commands:
bash -login
cd mysql/bin
./mysql -uroot -proot ddmdb -A
select * from event where type=68099 \G;
The output will look like the following:
*************************** 1. row ***************************
model_h: 1048576
utime: 1580144799
counter: 340
clk_seq: 2242
version: 1
node_id: €J9Ÿ
user_key: 2
type: 68099
severity: 0
vardata_string:
n
TestUser User spectrum@
This shows that user TestUser was deleted by spectrum.
NOTE: By default the Archive Manager will only store 45 days worth of data. If the user was deleted before this period we will no longer have an entry for it.
getting an error trying to login to mysql:
https://knowledge.broadcom.com/external/article?articleId=51857