Investigating past activity on SiPass entities in Security Center - SiPass 3.2

SiPass Plugin Guide 3.2

Applies to
SiPass 3.2
Last updated
2017-09-28
Content type
Guides
Guides > Plugin and extension guides
Language
English (United States)
Product line
Ecosystem (add-ons) > SiPass
Version
3.2

You can use the SiPass activity trails report to find out which SiPass actions were made on SiPass entities in Security Center, who performed the actions, and when. This report provides an audit log of the SiPass actions that were made in Security Desk and Config Tool.

What you should know

Procedure

  1. From the home page in Security Desk, open the SiPass activity trails.
  2. Set up the query filters for the report. Choose from one or more of the following filters:
    Entities
    Select the entities you want to investigate. To help you find specific entities, you can search the list of entities for a keyword in the entity's name, and you can filter the list by Name, Description, Entity type, Partition, Role (such as SiPass), and Custom fields (such as CardNumber and EmployeeNumber).
    Activities
    Select one or more SiPass actions to include in the report.
    Time range
    Specify a range of time or choose specific dates.
  3. Click Generate report.

    After generating a report, the results of your query are listed in the report pane.

    The following list describes the columns in the report.

    Timestamp
    Date and time the action occurred.
    Source
    The SiPass entity upon which the action was performed.
    Activity
    Name of the action. In the SiPass Integrated software, these actions are the manual override commands.
    Application
    The machine and client application from which the action was performed. This field is empty when the action was performed by a user from the widget or by a scheduled task.
    Application version
    The version number of the application. This field is empty when the action was performed by a user from the widget or by a scheduled task.
    Machine
    The host name of the computer from which the action was performed. This field is empty when the action was performed by a user from the widget or by a scheduled task.
    User
    The name of the user who performed the action. This field is empty when the action was performed by a user from the widget or by a scheduled task.