- Notes, cautions, and warnings
- Preface
- Overview
- Deployment
- Getting started
- System configuration
- Configure network settings
- Manage users, roles, and scopes
- Ending user sessions
- Directory services integration
- Login using OIDC providers
- Security certificates
- Manage console settings
- Set the login security properties
- Customize the alert display
- Configure SMTP, SNMP, and Syslog
- Manage incoming alerts
- Manage warranty settings
- Configure remote commands and scripts
- OpenManage Mobile settings
- Enable or disable alert notifications for OpenManage Mobile
- Enable or disable OpenManage Mobile subscribers
- Delete an OpenManage Mobile subscriber
- View the alert notification service status
- Notification service status
- View information about OpenManage Mobile subscribers
- OpenManage Mobile subscriber information
- Troubleshooting OpenManage Mobile
- Discovering devices
- Server-initiated discovery
- Create a device discovery job
- Protocol support matrix for discovering devices
- View device discovery job details
- Edit a device discovery job
- Run a device discovery job
- Stop a device discovery job
- Discover multiple devices by .csv import
- Global exclusion of ranges
- Specify a discovery mode for server discovery
- Create a custom discovery job for servers
- Specify discovery mode for chassis discovery
- Create a custom discovery job for the chassis
- Specify discovery mode for Dell storage discovery
- Specify discovery mode for network switch discovery
- Create a custom discovery job for HTTPS storage devices
- Create a custom discovery job for SSH devices
- Create a custom discovery job for SNMP devices
- Specify the discovery mode for multiple discovery jobs
- Delete a device discovery job
- Managing devices and device groups
- Organize devices into groups
- Create a custom static or query group
- Create a static device group
- Create a query device group
- Edit a static group
- Edit a query group
- Rename a static or query group
- Delete a static or query device group
- Clone a static or query group
- Add devices to a new group
- Add devices to existing group
- Refresh health on group
- All Devices screen device list
- All Devices screen actions
- Delete devices from OpenManage Enterprise
- Exclude devices from OpenManage Enterprise
- Run inventory on devices
- Update the device firmware and drivers by using baselines
- Refresh the device health of a device group
- Refresh health on devices
- Roll back an individual device's firmware version
- Export the single device inventory
- Performing more actions on chassis and servers
- Hardware information displayed for MX7000 chassis
- Export data
- View and configure individual devices
- Run and download diagnostic reports
- Extract and download a Services report
- Managing individual device hardware logs
- Run remote commands on managed devices
- Launch the iDRAC device management application
- Launch the virtual console
- Attaching iDRAC virtual media
- Refresh device inventory of a single device
- View installed and available licenses on a device
- Organize devices into groups
- Managing device inventory
- Managing device firmware and drivers
- Managing device deployment templates
- Create a deployment template from a reference device
- Create a deployment template by importing a template file
- View a deployment template information
- Edit a server deployment template
- Edit a chassis deployment template
- Edit IOA deployment template
- Edit network properties of a deployment template
- Deploy device deployment templates
- Deploy IOA deployment templates
- Clone deployment templates
- Export a deployment template
- Delete deployment templates
- Auto deploy device configuration before discovery
- Create auto deployment targets
- Delete auto deployment targets
- Export auto deployed target details
- Overview of stateless deployment
- Define networks
- Edit or delete a configured network
- Export VLAN definitions
- Import network definitions
- Managing device warranty
- Managing alerts
- Managing MIB files
- Configuring profiles
- Configuration compliance
- Managing licenses
- Using jobs for device control
- Monitoring audit logs
- Monitoring reports
- Back up, restore, or migrate
- Updating the console and plugins
- Managing plugins
- Troubleshooting
- Troubleshooting connectivity
- Firmware and DSU requirements for HTTPS
- Firmware schedule reference
- Firmware baseline field definitions
- Supported and unsupported actions on proxied sleds
- Schedule job field definitions
- Alert categories after EEMI relocation
- Token substitution in remote scripts and alert policy
- Catalog Management field definitions
- Devices with unknown compliance status
- Device rediscovery running for a long time after deleting iDRAC service account
- Dell Connectivity Service : Failed with exception: Unable to get access token from DCS
OpenManage Enterprise 4.1.x User's Guide
Monitoring audit logs
OpenManage Enterprise captures and displays audit logs to help you understand tasks performed using OpenManage Enterprise. For example, user login attempts, creation of alert policies, and running different jobs.
Prerequisites
About this task
- A group is assigned or access permission is changed.
- User role is modified.
- Actions that were performed on the devices monitored by OpenManage Enterprise.
- A console setting is modified.
- A plugin management action is performed (install, uninstall, etc.).
NOTE:
- Scope-based restrictions are not applicable to the Audit logs.
- The file will not be immediately ready for download especially in cases where there is a large set of logs being collected. The collection process happens in the background, and a file save prompt is displayed when the operation is completed.
Steps
-
To view the audit logs, select
.
The audit logs that OpenManage Enterprise stores and displays about the tasks performed by using the appliance are displayed. For example, user login attempts, creation of alert policies, and running different jobs.
- To sort data in any of the columns, click the column title.
-
To quickly search for information about an audit log, click
Advanced Filters.
The following fields are displayed that act as filters to quickly search for data.
-
Enter or select data in the following fields:
- Severity: Select the severity level of a log data. The available options are info, warning, and critical.
- Critical: Any unusual action happened. Immediate attention is needed.
- Warning: The event is significant, but does not need immediate attention.
- Info: Any action performed with success.
- Start Time and End Time: To view audit logs of a specified period.
- User: To view audit logs from a specific user. For example, admin, system, device manager, and viewer.
- Source Address: To view audit logs from a specific system. For example, the system where you have logged in to the OpenManage Enterprise.
- Category: To view audit logs of audit or configuration type.
- Audit: Generated when a user logs in or out of the OpenManage Enterprise appliance.
- Configuration: Generated when any action is performed on a target device.
- Description Contains: Enter the text or phrase contained in the log data that you are searching for. All logs with the selected text are displayed. For example, if you enter warningSizeLimit, all the logs with this text are displayed.
- Message ID: Enter the message ID. If the search criteria matches, only the items with the matching message ID are displayed.
- Severity: Select the severity level of a log data. The available options are info, warning, and critical.
- To remove the filter, click Clear All Filters.
- To export an audit log or all the audit logs, select , or respectively. For more information about exporting the audit logs, see Export data.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\