Applies To:Show Versions
Auditing User Access
About auditing of user
access to the BIG-IP system
- The connecting user's ID
- The IP address or host name of the user's interface
- The time of each login attempt
- Successful login attempts for command line interface sessions only
- Failed login attempts for command line interface, BIG-IP Configuration utility, and iControl sessions
- The time of the logout for command line interface sessions only
May 10 16:25:25 jsmith-dev sshd: pam_audit: user: jsmith(jsmith) from: /dev/pts/10 at jsmith-dev attempts: 1 in: [Thu May 10 16:25:23 2007 ] out: [Thu May 10 16:25:25 2007 ] May 10 16:14:56 jsmith-dev sshd: pam_audit: User jsmith from ssh at jsmith-dev failed to login after 1 attempts (start: [Thu May 10 16:14:53 2007 ] end: [Thu May 10 16:14:56 2007 ]).
- By user action
- By system action
- By loading configuration data
About enabling and
disabling auditing logging
- This turns audit logging off. This is the default value.
- This causes the system to log messages for user-initiated configuration changes only.
- This causes the system to log messages for user-initiated configuration changes and any loading of configuration data.
- This causes the system to log messages for all user-initiated and system-initiated configuration changes.
- This turns audit logging off.
- This causes the system to log alltmshcommands, including commands that result in no change to the configuration. Note that the system does not generate a log entry when the user types the single commandtmshto open thetmshshell. This is the default log level.