Can we generate Last login report of users in PAM?
search cancel

Can we generate Last login report of users in PAM?


Article ID: 268553


Updated On:


CA Privileged Access Manager (PAM)


Can we generate a report of last login for all the users on-boarded on PAM?


Release : 4.1.x


The best we can achieve the objective with PAM currently is via 'GET /api.php/v1/users.json' REST API call.
You can specify the following field to retrieve with the API call


Below we have tested using Settings > API Doc in PAM Client

When we clicked [Try it out!] we got the following result in JSON format. The lastSuccessfullLoginTime's value is in epoch time.

We can convert epoch time to human readable time using epoch converted, e.g.

To do this we need to enable external REST API and create API Key for the user to use it.

The other option is to extract login data from Session logs. When a user logins to PAM a login record will be generated in Session logs. However, we need to process the login data and extract the last login time from them.

Additional Information

Please refer
    Deploy the External REST API (Administrators)