Content analysis Audit log message unauthenticated User keeps repeating on the CAS-Audit log
search cancel

Content analysis Audit log message unauthenticated User keeps repeating on the CAS-Audit log

book

Article ID: 247965

calendar_today

Updated On:

Products

Content Analysis Software

Issue/Introduction

CAS Audit log is full with logs related to unauthenticated users who started and ended their session as per the below example:

2022-08-11T10:53:55.240163+00:00 ContentAnalysis info audit_logger[6031]: INFO     : unauthenticated-rest-user started a new session
2022-08-11T10:53:55.253930+00:00 ContentAnalysis info audit_logger[6031]: INFO     : unauthenticated-rest-user ended their session

 

Cause

CAS Audit log is verbose logging, and it will log each administrative action attempted/done on the CAS web interface, so each GUI/admin console access will be logged on this log file

Resolution

This will be expected behavior in case CAs admin is providing wrong username and/or password to login to CAS GUI, or any other service that is trying to integrate with CAS is failing to authenticate (for example Symantec mail gateway SMG for sandboxing purposes)