Martyn Houghton Posted May 4, 2016 Share Posted May 4, 2016 Does the system record user logins to an audit table, or is there just the last authentication date stamp against the user's record? We implemented this in SupportWorks using VPME on the event to populate a table with a history of user logon data stamps, so looking at a way of acheiving a similar outcome in the platform. Cheers Martyn Link to comment Share on other sites More sharing options...
Guest Chaz Posted May 4, 2016 Share Posted May 4, 2016 Hi Martyn, you can find the last logged on date for each user in the h_sys_accounts table. The column you're looking for is called h_last_logon and contains a timestamp in the following format: YYYY-MM-DD HH:MM:SS There's no log of this information, however. Hope that helps! Link to comment Share on other sites More sharing options...
Gerry Posted May 5, 2016 Share Posted May 5, 2016 Hi Martyn, It currently does not do this, although it probably should for security audit reasons. Can I ask what you use the gathered data for and how you browse/interact with the gathered data? Also, what information were you collecting (and why just curious to know as I will look into it. Of course in the world of Hornbill the concept of "logging in" is a little vague when using SSO. Under the hood we still do it so we can definitely log it but I am not sure how meaningful the information would be. Another example is mobile access - its always on and does not even have a concept of logging in (apart from the first time you register the device), its a secure trust relationship set up between a user account and a device. Interested in your thoughts Gerry Link to comment Share on other sites More sharing options...
Martyn Houghton Posted May 11, 2016 Author Share Posted May 11, 2016 Gerry We currently use the login audit to check on a distributed workforce to ensure they are logging into the system in a timely manner in relation to their shifts. Also as sometime we have to connect to restrictive VPN connections to provide support to our customers, the last login date/time stamp is not necessarily as useful to us, as it would be for sites where the analysts are all office based and stay logged into the system from the beginning of the day. As you say form a security point of view it would also be useful given that the application is cloud based rather than on premise. Cheers Martyn Link to comment Share on other sites More sharing options...
Martyn Houghton Posted October 3, 2016 Author Share Posted October 3, 2016 @Gerry @cchana I seem to have a vague memory that there were some mention of some auditing of login's in a subsequent release of the platform but do not seem to be able to locate it in any of the release notes, so not sure if there was some changes on this front or if I just misunderstood something. Was there any changes on this front? Cheers Martyn Link to comment Share on other sites More sharing options...
Gerry Posted October 4, 2016 Share Posted October 4, 2016 Hi Martyn, Sorry for the delay on this one. We tend to roll this suff out incrementally, and this is no exception. You will find there is now a table called h_sys_security_log which has been quietly logging security events for a couple of months now. Further work needs to be done to expose this and make it useful, and to document it but the basics of it are there and in place. I will have a look and see what happens next but if you want to pull a report out from that table then the information is there for you. Let me know if you think there is anything missing/amiss here. Gerry Link to comment Share on other sites More sharing options...
Gerry Posted October 4, 2016 Share Posted October 4, 2016 Hi Martyn, I expect you will be asking what the following mean, I thought I would pre-empt the question h_type 0 = Logon 1 = Logoff 2 = UserApiSessionCreate 3 = SessionTimeout 4 = SessionKill h_source 0 = GuestLocal 1 = GuestSaml 2 = UserLocal 3 = UserSaml 4 = System 5 = BasicLocal 6 = BasicSaml Gerry 1 Link to comment Share on other sites More sharing options...
Gerry Posted October 4, 2016 Share Posted October 4, 2016 Martyn, Please not that the security log only currently includes logon events from the UserLocal source. The next server update will start to include all sources except System and all types except USerApiSessionCreate Gerry Link to comment Share on other sites More sharing options...
Martyn Houghton Posted October 6, 2016 Author Share Posted October 6, 2016 @Gerry Thanks for the detailed response as that will allow me to report from these tables in the interim. Cheers Martyn Link to comment Share on other sites More sharing options...
Gerry Posted October 6, 2016 Share Posted October 6, 2016 Hi Martyn, No problem. I believe we are meeting on Monday, look forward to catching up Gerry Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now