search cancel

Audit Store fields details, tasks and roles with AdminUI

book

Article ID: 50958

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction

 

  1. What is logged in smobjlog4 and smaccesslog4 table?
  2. What is the significance of the smaccesslog4 table's fields: sm_categoryid, sm_eventid, sm_reason?
  3. Does this mean that it stores all Administrative UI actions made by administrators?
  4. Does the report call "Submitted Tasks" logs the same as the smobjlog4 table?
  5. Does the report call "Submitted Tasks" reads its data from the smobjlog4 table?
  6. What is the difference between the smobjlog4 table and the "Tasks persistence" table of Administrative UI?
  7. sm_categoryid and sm_eventid field in smobjlog4 table logs values like 100, 601, 106, 107, 108... Can we have a list of the meaning of each value> 100?

Resolution

 

1. What is logged in smobjlog4 and smaccesslog4 table?

     smobjlog4 logs administrative UI events
     smaccesslog4 logs authentication and authorization activity.

     For example, logging in to the Administrative UI is considered a login, but it is also considered a UI event. So when logging into the UI, then the event will be seen in the smaccesslog4 and the smobjlog4. The smobjlog4 only has an entry for sm_objname and sm_objoid a specific object in the UI is added or modified, like creating a realm, deleting an agent, etc...

     Login to the AdminUI will log a row into the smobjlog4, but it will not have sm_objname nor sm_objoid.

2. What is the significance of the smaccesslog4 table's fields: sm_categoryid, sm_eventid, sm_reason?

     All fields of smobjlog4 and smaccesslog4 tables are described in the Policy Server Administration Guide (1).
   
3. Does this mean that it stores all Administrative UI actions made by administrators?

    Yes, the old Administrative UI and any admin API commands would be logged here.

4. Does the report call "Submitted Tasks" logs the same as the smobjlog4 table?

    No, the Administrative UI submitted tasks use the new inbuilt RBMS in the Administrative UI itself.

5. Does the report call "Submitted Tasks" reads its data from the smobjlog4 table?

    No, it uses the inbuilt data.

6. What is the difference between the smobjlog4 table and the "Tasks persistence" table of Administrative UI?

    One is the admin access for the Policy Server and the other is the admin tasks executed from the Administrative UI.

7. sm_categoryid and sm_eventid field in smobjlog4 table logs values like 100, 601, 106, 107, 108... Can we have a list of the meaning of each value> 100?

    Consult the /sdk/lib/smEventApi.h provided from the SDK to get more information.

    To illustrate:

    100    > SmLogEmsCat_DirectoryAdmin = 100     /* Administrator command    */
    601    > SmLogEmsEvent_PasswordModify = 601
    106    > SmLogEmsEvent_EnableUser = 106
    107    > SmLogEmsEvent_DisableUser = 107
    108    > SmLogEmsEvent_SetUserDisabledState = 108

 

Additional Information

 

(1)

    Logs for Access and Administrative Events (smaccesslog4 and smobjlog4)