How to generate report of the Last Successful Login time for all users in PAM

book

Article ID: 224361

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

How to get the Last Successful Login time for all users?

Environment

Release : 3.4.x, 4.x

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

REST API can be utilized to get lastSuccessfulLoginTime (Last Successful Log-in) data.

1. Enable External REST API from Configuration > Security > Access page

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=S5q23szN3Hej2H2AzDPkIw==

2. Assign API Key for a user, e.g. 'super' user

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=5ekI/g7j9mZQZ+d3sy8Jlg==

3. Go to Credentials > Manage Targets > Accounts and find 'super' user API Key target account. Notice the account name and view the password and copy the password.

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=T4eTGVqVVXm3g5O84vQ9EQ==

4. Go to Settings > API Doc page now and click "List Operation" link for "users" item. And click the "Get all users" link.

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=penYkqw35YXZoAFY0AUqCw==

5. On the "fields" parameter add ", lastSuccessfulLoginTime" value at the end

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=ej/Ra9K7GD0zWVhwQiv8vg==

6. Click the [Try it out!] button at the bottom part. Login dialog will appear, key in the target account name and the password you have copied at item 3 above.

7. You will get the result like below. The lastSuccessfulLoginTime value is in epoch time. You can convert the value to date/time using epoch converter, e.g. https://epochconverter.com

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=hMgbH28ooiopY+/8bD28tg==

 

Attachments