Symantec Data Loss Prevention (DLP) - any version
For audit purposes, you need to show when a change is made to a user role or a user account and Enforce console logins.
Release: Any version
Component: Data Loss Prevention Enforce and Oracle database
The database table "protect.auditlog" contains data when a user role is created or changed.
That table also shows changes to a user account.
And that table shows Enforce console login events.
The Detail column will show the changes to the role, but not what the previous setting was.
Example: If you change a role from "Read-Only" to "SysAdmin" the detail column will show the change to "SysAdmin" but it does not show the previous value, i.e. "Read-Only".
The Entity column will show "Role" when a change to a role is made.
The Entity column will show "User" when a change to a user is made.
The Entity column will show "Login" when a console login attempt is made.
We do not have a built-in report to show that data.
You or your DBA will need to create a query to pull that data and put it into a useable report for your audit team.