Auditing for administrative functions is enabled on these components:
- VidyoPortal (.csv format)
- VidyoManager (plain text format in a .tar.gz file)
- VidyoRouter (plain text format in a .tar.gz file)
- VidyoGateway (plain text format in a .tar.gz file)
The sections below describe how to download the Audit logs for each component. For information about using a separate syslog server, see Enabling Syslog.
Downloading Audit Logs from Your VidyoPortal
VidyoPortal audit logs can be generated using the System Console. For more information, see Downloading System Logs.
Downloading Audit Logs from Your VidyoRouter
Sample Audit Log ContentTo download the Audit logs from your VidyoRouter:
- Log in to your VidyoRouter Configuration Pages using your System Console account.
The URL of your VidyoRouter is typically a domain name: http://[IP or FQDN address]/vr2conf. You can also click the VidyoRouter IP address on the Components tab in your VidyoPortal.
For more information, see Logging in to the System Console of Your Server and Changing the Default Password.
Although the default username for this page is admin, only the Super Admin accesses these pages.
The Settings tab and Maintenance left menu item displays by default. - Click the Download Logs subtab.
- Select corresponding checkboxes for the logs you want to download.
- Click the Download Audit Logs button to download the file.
The Download Audit Logs button downloads the single application logs file for auditing purposes, whereas the Download button is used to download specific user activity log files.
Downloading Audit Logs from Your VidyoGateway
To download audit logs from your VidyoGateway:
- Log in to your VidyoGateway using your System Console account.
The URL of your VidyoGateway is typically a domain name: http://[vidyogateway.example.com]/. You can also click the VidyoGateway IP address on the Components tab in your VidyoPortal.
For more information, see Logging in to the System Console of Your Server and Changing the Default Password.
- Navigate to Maintenance > Diagnostics.
- Click the Download Audit Logs button to download the file.
The browser downloads the .tar.gz file.
The Download Audit Logs button downloads the single application logs file for auditing purposes, whereas the Download button is used to download specific user activity log files.
Content Captured in the Audit Log
The following content is captured in the Audio log:
| Super | |
|---|---|
| Login | |
| Login Successful | Logoff |
| Login Unsuccessful | |
| Components | |
| Component Updated | Router Pools Activated |
| Component Enabled | Gateway Added |
| Component Deleted | Gateway Modified |
| Component Disabled | Gateway Deleted |
| Tenants | |
| Add Tenant | Delete Tenant |
| Modify Tenant | |
| Router Pools | |
| Add / Delete Pool | Discard Modified Config |
| Add / Delete Priority List | Create Location |
| Add / Delete Rule | Delete Location |
| Activate Cloud Config | Add / Delete Pool Connection |
| Create Modified Config | |
| Settings | |
| System License Updated | System Restart |
| Software Updated | Ports Apply |
| Database Backup | Generate CSR |
| Database Upload | Upload CSR |
| Database Download | Clear CSR |
| System Upgrade | Certs Uploaded |
| Admin | |
| Login | |
| Login Successful | Logoff |
| Login Unsuccessful | |
| Users | |
| Add User | Modify User |
| Delete User | Add Legacy |
| Meeting Rooms | |
| Add Meeting Room | Delete Meeting Room |
| Modify Meeting Room | |
| Groups | |
| Add Groups | Delete Groups |
| Modify Groups | |
| Settings | |
| Upload Software | LDAP Save |
| Authentication | |
| VidyoManager | |
| Login | |
| Login Successful | Logoff |
| Login Unsuccessful | |
| Basic | |
| Apply Config Server | |
| Restart | |
| Restart | Shutdown |
| VidyoRouter | |
| Login | |
| Login Successful | Logoff |
| Login Unsuccessful | |
| Basic | |
| Apply Config Server | |
| Security | |
| Ports Apply | Upload CSR |
| Generate CSR | Clear CSR |
| Upload | |
| Upload and Upgrade | Shutdown |
| Restart | |
| VidyoGateway | |
| Login | |
| Login Successful | Logoff |
| Login Unsuccessful | |
| Config | |
| Save | Save and Apply |
| Services | |
| Add Service | Modify Service |
| Delete Service | |
| Upgrade Gateway | |
| Upload and Install | |
| Certificate | |
| Upload | |
| Restart | |
| Restart | Shutdown |
Sample Audit Log Content
This is how an Audit log for the VidyoRouter, VidyoGateway, and VidyoManager in .txt format looks as viewed in a text editor after being decompressed. From left to right the data logged includes Timestamp, User ID, IP Address, and Description.
The following illustration shows how a VidyoPortal Audit log in .csv format looks as viewed in a spreadsheet program. From left to right the data logged includes: Action ID, User ID, Tenant Name, Action, Action Result, Timestamp, IP Address, and Action Description.
The following are lines taken from actual Syslog content.
<14>1 2013-06-05T14:51:02.389340-04:00 federalvp java - - - VidyoPortal [audit timestamp="Wed Jun 05 14:51:02 EDT 2013" result="SUCCESS" tenant="LOCAL" action="Login" params="Username=superuser1" user=" superuser1" ip="192.168.0.100"]
<14>1 2013-06-05T14:51:28.397257-04:00 federalvp java - - - VidyoPortal [audit timestamp="Wed Jun 05 14:51:28 EDT 2013" result="SUCCESS" tenant="LOCAL" action="Delete Tenant" params="TenantID = 7;TenantName=TEST" user="superuser1" ip="192.168.0.100"]
The format used for the Syslog content complies with RFC-5424 standards.
Comments
0 comments
Please sign in to leave a comment.