ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.
This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK

Add security audit logging to gather login info

Idea ID 2739134

Add security audit logging to gather login info

Status: Under Consideration Submitted by Micro Focus Expert on ‎2017-02-22 03:26

Need to provide application level add audit logging for logins, logouts and password changes.

Log the following information at the SSO level.

  • Type of event (log off, log on, password change)
  • User_id
  • Date and Time
  • Device ID  (ip address and/or hostname)
  • All login attempts successful or failed.
  • Log off Creation, deletion or alteration of passwords
3 Comments
David_J_Easter
Absent Member.
Absent Member.
‎2017-03-16 22:09
‎2017-03-16 22:09
We'll put this under consideration for the 2HCY'17 release.
rweedon
Absent Member.
Absent Member.
‎2017-03-21 02:06
‎2017-03-21 02:06
Also would like 30,60,90 auto-account disabling for dormant activity. Actions should be deactivate, Click Here to accept TOE again, or have an account admin approve reactivation. Reporting on all of this is key for C&A validation. I have not tried LDAP integration but what often occurs is a system that uses LDAP does not record an actual Login for that user in AD. So an AD that is configured to DoD standards disables a user account for inactivity even though it is active but only through SBM. On this same topic, ability to disable identity transformation from X509 fields would be useful. Then have an account "subject" field explicitly define each user, essentially having a GUI for cert_2_user_mapping.xml. Then changes to these fields fall under same auditing umbrella as other Sec Audit objects. Send all of this to separate DB or syslog destination. All of these capability requirements are touched on in Application Server, Website, Network Management, and Enclave Computing stigs. They repeatedly ask for all these same things.
beth_shenk_ctr
Absent Member.
Absent Member.
‎2017-03-24 19:36
‎2017-03-24 19:36
This would include audits for users logging in with both username/password, and CAC?
About the Author
David Goodale
Micro Focus Expert
Solutions Business Manager (SBM), Powershell, VBScript, Javascript, Application Security, Project Management
Most "Liked" Contributors
View All ≫
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.