NSX Manager audit logs not showing source IP address when the user logs in with WorkspaceOne
search cancel

NSX Manager audit logs not showing source IP address when the user logs in with WorkspaceOne

book

Article ID: 323547

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • If LDAP, or local admin user logs into NSX (or NSX-T), their IP address will be printed in the logs:

    NSX Manager /var/log/syslog (LDAP login):
    2024-01-19T23:13:54.924Z manager1 NSX 2756569 SYSTEM [nsx@6876 audit="true" comp="nsx-manager" level="INFO" subcomp="http"] UserName="[email protected]", ModuleName="ACCESS_CONTROL", Operation="LOGIN", Operation status="success"l
    2024-01-19T23:14:08.322Z manager1 NSX 2756569 SYSTEM [nsx@6876 audit="true" comp="nsx-manager" level="INFO" subcomp="http"] UserName="LdapUserDetailsImpl [Dn=CN=Acme User,OU=People,OU=APJ,DC=acme,DC=com; [email protected]; Password=[PROTECTED]; Enabled=true; AccountNonExpired=true; CredentialsNonExpired=true; AccountNonLocked=true; Granted Authorities=[]]@192.168.1.10", ModuleName="ACCESS_CONTROL", Operation="LOGIN", Operation status="success"

  • IP address will not be printed for Workspace One (WS1) user:

     NSX Manager /var/log/syslog (WS 1 login):
    2024-01-19T23:18:16.312Z manager1 NSX 2756569 SYSTEM [nsx@6876 audit="true" comp="nsx-manager" level="INFO" subcomp="http"] UserName="[email protected]", ModuleName="ACCESS_CONTROL", Operation="LOGIN", Operation status="success"

Environment

VMware NSX-T Data Center
VMware NSX

Resolution

This issue is resolved in VMware NSX 4.2.0

Powered by Wolken Software