You can use the SiPass activity trails report to find out which SiPass actions were made on SiPass entities in Security Center, who performed the actions, and when. This report provides an audit log of the SiPass actions that were made in Security Desk and Config Tool.
What you should know
- The Activity trails task in Config Tool does not log SiPass actions. Only the SiPass activity trails task logs the SiPass actions.
The SiPass activity trails report can be exported, printed, and customized like any other Security Center report. For instructions see exporting, printing, and customizing reports.
You can filter the report by Activities. For a list of available activities, see Triggering action commands on SiPass entities from Security Desk.
- From the home page in Security Desk, open the SiPass activity trails.
Set up the query filters for the report. Choose from one or more of the following filters:
- Select the entities you want to investigate. To help you find specific entities, you can search the list of entities for a keyword in the entity's name, and you can filter the list by Name, Description, Entity type, Partition, Role (such as SiPass), and Custom fields (such as CardNumber and EmployeeNumber).
- Select one or more SiPass actions to include in the report.
- Time range
- Specify a range of time or choose specific dates.
Click Generate report.
After generating a report, the results of your query are listed in the report pane.
The following list describes the columns in the report.
- Date and time the action occurred.
- The SiPass entity upon which the action was performed.
- Name of the action. In the SiPass Integrated software, these actions are the manual override commands.
- The machine and client application from which the action was performed. This field is empty when the action was performed by a user from the widget or by a scheduled task.
- Application version
- The version number of the application. This field is empty when the action was performed by a user from the widget or by a scheduled task.
- The host name of the computer from which the action was performed. This field is empty when the action was performed by a user from the widget or by a scheduled task.
- The name of the user who performed the action. This field is empty when the action was performed by a user from the widget or by a scheduled task.