We need some information related to capturing the events such as Admin activities in the IG/IP portal , failure events etc. One of the requirement is that capability to combine these logging in one level or event which will say action(success\failure) along with user ID so that Monitoring application can identify it’s success or failed login. Currently the failed login attempt scenario is such that the User info captured in the "INFO" category and then followed by error event is at "ERROR". One of the problem is as it did not capture for which user the login attempt failed. I will also attaching the doc for the reference.
Also could you please provide some information as how do we set the logging information to capture accurate data. Currently we see INFO, WARN and ERROR information, however we are not getting some basic information as when Admin perform his activities in IG and IP portal.
Release : 14.2
Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)
There is no functionality that tracks Administrator activities. Identity Portal is basically a TEWS client. There is no tracking of screen changes or logins.
This would be an enhancement request for IP. Please open an ideation.