2.3.2 Audit log output details
The following tables describe audit log output details.
No. |
Item |
Description |
---|---|---|
1 |
processed-date |
Date and time the log entry is written (server time). The data is output in the following format: four-digit-year-two-digit-month-two-digit-dayTtwo-digit-hour:two-digit-minute:two-digit-second.three-digit-millisecond(+|-)UTC-time-offset-in-hours-and-minutesLdelay-time The delay-time refers to a period of time from the event occurrence to the data to be written to a log. (in seconds) |
2 |
client-IP-address |
The IP address of the client that accessed the system is output. If access is made via a proxy server that hides the IP address of the client, the IP address of that proxy server is output. |
3 |
log-level |
A log level, which indicates the level of importance of the log, is output. One of the levels below is output. The levels are described in descending order of importance.
|
4 |
identifier-for-operation-target-object |
The ID information of the object that has become an operation target is output. Multiple parameters might exist because different parameters are output depending on the operation type. Note that information might not be output depending on the operation condition. For output details, see Table 2-9 Details of the identifier for operation target object output in audit log. |
5 |
operation-type-output-in-audit-log |
A string indicating the operation type is output. For output details, see Table 2-10 Details of operation type output in audit log. |
6 |
operation-details-output-in-audit-log |
Various kinds of information related to the operation are output. Multiple parameters might exist because different parameters are output depending on the operation type. Note that information might not be output depending on the operation condition. For output data details, see Table 2-11 Details of operation details output in audit log. |
Identifier for operation target object |
Parameter complemented by |
Supplemental information |
---|---|---|
uid=<No.serial-number#user-ID> |
|
Indicates a user that logged in or out. |
fid=file-number |
|
Indicates a file. |
did=delivery-number |
|
Indicates a file sending event. |
rid=reception-number |
A unique number assigned to a file receiving event |
Indicates a file receiving event. |
user=<No.serial-number#user-ID> |
|
Indicates a general user or guest user. |
group=<group-name> |
-- |
Indicates a group. |
rsn=rule-number |
|
Indicates a delivery rule or authentication rule. |
accept=<(true|false)> |
true: Accept false: Deny |
Indicates the Accept status or Deny status of the delivery rule or authentication rule. |
policy=<policy-name> |
-- |
Indicates a delivery policy or authentication policy. |
from=<group-name> |
-- |
For a delivery rule, indicates a sender group. For an authentication rule, indicates an applicable group. |
to=<group-name> |
-- |
For a delivery rule, indicates a recipient group. |
from-net=<applicable-network> |
|
Indicates a network that the authentication rule is applied to. |
network-set=<network-set-name> |
-- |
Indicates a network set. |
approval-route=<approval-route-name> |
-- |
Indicates an approval route. |
src=<IP-address> |
|
Indicates a client. |
system=<system-name> |
-- |
Indicates the English name of an authentication system. |
Operation type |
Operation type output in audit log |
Description |
---|---|---|
Logging in |
LOGIN |
Recorded when a user logs in to JP1/DH - Server. |
Logging out |
LOGOUT |
Recorded when a user logs out from JP1/DH - Server. |
Sending a new delivery |
SEND_DELIVERY |
Recorded when a new file is sent. |
Transmission failure |
CONNECTION_ABORTED |
Recorded when file transmission failed immediately after the file was transmitted. |
Viewing details of a received file, or an attempt to open a file with password |
OPEN_DELIVERY |
Recorded in one of the following cases:
|
Login |
RECV_LOGIN |
Recorded when a user logged in by using the URL in the received email. |
Receiving or accessing the window |
RECV_DELIVERY |
Recorded in either of the following cases:
|
Deleting a file |
DELETE_DELIVERY |
Recorded when a file is deleted. |
Deleting an failure delivery file |
DELETE_FAILURE_DELIVERY |
Recorded when a file failed to be sent is deleted. |
Downloading a received file |
DOWNLOAD_FILE |
Recorded when a file is downloaded. |
Creating a guest user |
CREATE_GUEST |
Recorded when a guest user is created. |
Updating guest user information |
UPDATE_GUEST |
Recorded when guest user information is updated. |
Activating a guest user |
ACTIVATE_GUEST |
Recorded when a guest user is activated. |
Inactivating a guest user |
INACTIVATE_GUEST |
Recorded when a guest user is inactivated. |
Deleting a guest user |
DELETE_GUEST |
Recorded when a guest user is deleted. |
Creating a general user |
CREATE_USER |
Recorded when a general user is created. |
Updating general user information |
UPDATE_USER |
Recorded when general user information is updated. |
Activating a general user |
ACTIVATE_USER |
Recorded when a general user is activated. |
Inactivating a general user |
INACTIVATE_USER |
Recorded when a general user is inactivated. |
Deleting a general user |
DELETE_USER |
Recorded when a general user is deleted. |
Creating a group |
CREATE_GROUP |
Recorded when a group is created. |
Updating group information |
UPDATE_GROUP |
Recorded when group information is updated. |
Activating a group |
ACTIVATE_GROUP |
Recorded when a group is activated. |
Inactivating a group |
INACTIVATE_GROUP |
Recorded when a group is inactivated. |
Deleting a group |
DELETE_GROUP |
Recorded when a group is deleted. |
Issuing an electronic certificate |
CREATE_CERT |
Recorded when an electronic certificate is issued. |
Revoking an electronic certificate |
REVOKE_CERT |
Recorded when an electronic certificate is revoked. |
Creating a delivery rule |
CREATE_DELIVERY_RULE |
Recorded when a delivery rule is created. |
Updating a delivery rule |
UPDATE_DELIVERY_RULE |
Recorded when a delivery rule is updated. |
Moving the delivery rule position downward |
DOWN_DELIVERY_RULE |
Recorded when the position of a delivery rule is moved downward in the delivery rule list. |
Moving the delivery rule position upward |
UP_DELIVERY_RULE |
Recorded when the position of a delivery rule is moved upward in the delivery rule list. |
Activating a delivery rule |
ACTIVATE_DELIVERY_RULE |
Recorded when a delivery rule is activated. |
Inactivating a delivery rule |
INACTIVATE_DELIVERY_RULE |
Recorded when a delivery rule is inactivated. |
Deleting a delivery rule |
DELETE_DELIVERY_RULE |
Recorded when a delivery rule is deleted. |
Creating a delivery policy |
CREATE_DELIVERY_POLICY |
Recorded when a delivery policy is created. |
Updating a delivery policy |
UPDATE_DELIVERY_POLICY |
Recorded when a delivery policy is updated. |
Deleting a delivery policy |
DELETE_DELIVERY_POLICY |
Recorded when a delivery policy is deleted. |
Creating an authentication rule |
CREATE_AUTH_RULE |
Recorded when an authentication rule is created. |
Updating an authentication rule |
UPDATE_AUTH_RULE |
Recorded when an authentication rule is updated. |
Moving the authentication rule position downward |
DOWN_AUTH_RULE |
Recorded when the position of an authentication rule is moved downward in the authentication rule list. |
Moving the authentication rule position upward |
UP_AUTH_RULE |
Recorded when the position of an authentication rule is moved upward in the authentication rule list. |
Activating an authentication rule |
ACTIVATE_AUTH_RULE |
Recorded when an authentication rule is activated. |
Inactivating an authentication rule |
INACTIVATE_AUTH_RULE |
Recorded when an authentication rule is inactivated. |
Deleting an authentication rule |
DELETE_AUTH_RULE |
Recorded when an authentication rule is deleted. |
Creating an authentication policy |
CREATE_AUTH_POLICY |
Recorded when an authentication policy is created. |
Updating an authentication policy |
UPDATE_AUTH_POLICY |
Recorded when an authentication policy is updated. |
Deleting an authentication policy |
DELETE_AUTH_POLICY |
Recorded when an authentication policy is deleted. |
Creating an authentication system |
CREATE_AUTH_SYSTEM |
Recorded when an authentication system is created. |
Updating an authentication system |
UPDATE_AUTH_SYSTEM |
Recorded when an authentication system is updated. |
Deleting an authentication system |
DELETE_AUTH_SYSTEM |
Recorded when an authentication system is deleted. |
Failure in LDAP authentication system linkage |
FAILED_LDAP_AUTHENTICATION |
Recorded when authentication using an LDAP authentication system failed. |
Multiple matching users are found in the authentication system |
DUPLICATE_LDAP_USER_EXISTS |
Recorded when multiple matching users are found in the searched directory server during an authentication process using an LDAP authentication system. |
No matching user in the authentication system |
LDAP_USER_DOES_NOT_EXISTS |
Recorded when no matching user is found in the searched directory server during an authentication process using an LDAP authentication system. |
Creating a network set |
CREATE_NETWORK_SET |
Recorded when a network set is created. |
Updating a network set |
UPDATE_NETWORK_SET |
Recorded when a network set is updated. |
Deleting a network set |
DELETE_NETWORK_SET |
Recorded when a network set is deleted. |
Creating an approval route |
CREATE_APPROVAL_ROUTE |
Recorded when an approval route is created. |
Updating an approval route |
UPDATE_APPROVAL_ROUTE |
Recorded when an approval route is updated. |
Deleting an approval route |
DELETE_APPROVAL_ROUTE |
Recorded when an approval route is deleted. |
Skipping an approval route |
SKIP_DELIVERY_APPROVAL |
Recorded if an approval process is skipped for a transmission by JP1/Data Highway - AJE. |
Downloading an audit log file |
DOWNLOAD_LOG |
Recorded when an audit log file is downloaded. |
Notification of delivery |
NOTIFY_DELIVERY |
Recorded when an email is sent to the recipient or approver to notify a new file delivery. |
Notification of approval acceptance |
NOTIFY_DELIVERY_ACCEPTED |
Recorded when an email is sent to the sender to notify acceptance of file transmission approval. |
Notification of approval rejection |
NOTIFY_DELIVERY_REJECTED |
Recorded when an email is sent to the sender to notify rejection of file transmission approval. |
Notification of delivery opening |
NOTIFY_OPEN_DELIVERY |
Recorded when an email is sent to notify the opening of a file for which the notification for file opening is activated. |
Changing a password |
UPDATE_PASSWORD |
Recorded when a user password is changed. |
Expiration of password validity period |
PASSWORD_EXPIRED |
Recorded if the password validity period is expired when the user attempts to log in. |
Changing user language |
UPDATE_USER_LANG |
Recorded when the user language setting is changed. |
Client authentication acceptance |
SERVER_ACCEPT_CLIENT |
Recorded when the server of JP1/DH - Server accepted a Java applet authentication. |
Unauthorized operation |
ILLEGAL_INTERFACE_CALL |
Recorded when an attempt is made to perform an unauthorized operation and the operation is aborted. Also recorded when data is sent to a user not displayed in the address book by using JP1/Data Highway - AJE. |
Operation details |
Parameter complemented by |
Supplemental information |
---|---|---|
application-type=(web|command) |
|
Indicates an interface at the time of login. |
succeeded=(0|1) |
|
Indicates success or failure of operation. |
token-type={password, local-stored-private-key} |
|
Indicates an authentication type at the time of login. |
auth-methods={std-pw-auth,cert-auth} |
|
Indicates the authentication method permitted in the authentication policy. If multiple authentication methods are permitted, they are output with each item separated by comma (,). |
operator=<No.serial-number#user-ID> |
serial-number: A unique number assigned to a user |
Indicates the user who performed the operation. |
operator=<user-ID> |
-- |
Indicates the ID of the user who performed the operation. |
account=(unlock|lockout) |
|
Indicates the account lock status at the time of login. |
operator-group=<English-name-of-the-primary-group-for-the-operating-user> |
-- |
Indicates the primary group an operating user belongs to. |
filesize=file-size |
-- |
Indicates the file size. |
mime-type=MIME-type |
-- |
Indicates the MIME type of a file. |
compressed-by= (NONE|ZIP/9|ZIP/5|ZIP/1) |
|
Indicates the compression level to be applied when the Standard compression method is selected for file transmission. |
compressed-by= (NONE|GCP/0|GCP/9|GCP/5|GCP/1) |
|
Indicates the compression level to be applied when the Extended compression method is selected for transmission of a file or folder. |
filename=file-name |
-- |
Indicates a file name. |
transfered=number-of-bytes-that-are-sent |
-- |
Indicates the number of bytes that are sent. |
received-time=reception-time |
-- |
Indicates the time it took to send or receive a file. |
start-time={start-date-and-time(JST)} |
-- |
Indicates the time of day (server time) the transmission or reception process started. |
end-time={end-date-and-time(JST)} |
-- |
Indicates the time of day (server time) the transmission or reception process ended. Reception-based charges are based on this time. |
throughput=throughput |
-- |
Indicates throughput in file transmission or reception. |
from=sender-email-address |
-- |
Indicates the sender of the file. |
to=recipient-email-address |
-- |
Indicates the recipient of the file. |
notify-opening-delivery= (0|1) |
|
Indicates whether the notification for file opening is sent to the sender when the file is opened. |
end-time=end-time |
-- |
Indicates the date and time (server time) the operation is completed. |
email=<email-address> |
-- |
Indicates an email address. |
delivery-policy=<No.serial-port-number#English-policy-name> |
-- |
Indicates a delivery policy. Policies with the same name are distinguished based on their serial numbers. |
max-per-delivery=maximum-data-capacity-per-delivery |
-- |
Indicates the maximum amount of data to be delivered (per delivery) in the delivery policy. (In bytes) |
max-per-file=maximum-data-capacity-per-file |
-- |
Indicates the maximum amount of data to be delivered (per file) in a delivery policy. (In bytes) |
max-expire-date=maximum-storage-period |
-- |
Indicates the maximum storage period in a delivery policy. (In days) |
protocol=LDAP |
-- |
Indicates the communication protocol used for communication with the directory server when authentication with an LDAP authentication system is performed. |
server-type= (LDAP_V3|ACTIVE_DIRECTORY) |
|
Indicates the type of directory server to link with the system. |
directory-servers=<directory-server-host-name>:<port-number> |
-- |
Indicates the server of the linked directory server. |
auth-methods=<<SIMPLE/finderDn=search-target-user-name>> |
-- |
Indicates the user name searched for by the directory server. |
period=<start-day-end-day> |
-- |
Indicates the period for the obtained audit log. |
code=error-type |
-- |
Indicates the error type when an error occurred. |