Administrative Reporting on User(group) deletes does not seem to work
search cancel

Administrative Reporting on User(group) deletes does not seem to work

book

Article ID: 433025

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

While trying to confirm who deleted a specific local user group we found the Credential>Reports>run page "Administrative  Activities" report does not show the deletion of local user groups. 

Cause

The Administrative Activities report is only for Credential Management reporting for credential management activities specifically which does not include local authentication user groups.

Resolution

To find who deleted a specific access user group you will need to review the sessions>logs our your syslog reporting server if you have one configured.

The message in our session logs will look like this. PAM-CMN-1576: User group XXXXXXX successfully deleted

Powered by Wolken Software