- Notes, cautions, and warnings
- Revision history
- Preface
- About OpenManage Enterprise
- Security features in OpenManage Enterprise
- Install OpenManage Enterprise
- Installation prerequisites and minimum requirements
- Deploy OpenManage Enterprise on VMware vSphere
- Deploy OpenManage Enterprise on Hyper-V 2012 R2 and earlier host
- Deploy OpenManage Enterprise on Hyper-V 2016 host
- Deploy OpenManage Enterprise on Hyper-V 2019 or Windows 2022 host
- Deploy OpenManage Enterprise by using Kernel-based Virtual Machine
- Deploy OpenManage Enterprise programmatically
- Get started with OpenManage Enterprise
- Log in to OpenManage Enterprise
- Configure OpenManage Enterprise by using Text User Interface
- Configure OpenManage Enterprise
- Recommended scalability and performance settings for optimal usage of OpenManage Enterprise
- Supported protocols and ports in OpenManage Enterprise
- Use case links for the supported protocols and ports in OpenManage Enterprise
- OpenManage Enterprise Graphical User Interface overview
- OpenManage Enterprise Home portal
- Discovering devices for monitoring or management
- Discover servers automatically by using the server-initiated discovery feature
- Create a device discovery job
- Protocol support matrix for discovering devices
- View device discovery job details
- Edit a device discovery job
- Run a device discovery job
- Stop a device discovery job
- Specify multiple devices by importing data from the .csv file
- Global exclusion of ranges
- Specify discovery mode for creating a server discovery job
- Create customized device discovery jobs for servers
- Specify discovery mode for creating a chassis discovery job
- Create customized device discovery jobs for chassis
- Specify discovery mode for creating a Dell storage discovery job
- Specify discovery mode for creating a network switch discovery job
- Create customized device discovery jobs for HTTPS storage devices
- Create customized device discovery jobs for SSH devices
- Create customized device discovery jobs for SNMP devices
- Specify discovery mode for creating multiple discovery jobs
- Delete a device discovery job
- Manage devices and device groups
- Organize devices into groups
- Create a custom group (Static or Query)
- Create a Static device group
- Create a Query device group
- Edit a static group
- Edit a query group
- Rename a static or query group
- Delete a static or query device group
- Clone a static or query group
- Add devices to a new group
- Add devices to existing group
- Refresh health on group
- Devices list
- All Devices page — device list actions
- Delete devices from OpenManage Enterprise
- Exclude devices from OpenManage Enterprise
- Run inventory on devices
- Update the device firmware and drivers by using baselines
- Refresh the device health of a device group
- Refresh health on devices
- Roll back an individual device's firmware version
- Export the single device inventory
- Performing more actions on chassis and servers
- Hardware information displayed for MX7000 chassis
- Export all or selected data
- View and configure individual devices
- Organize devices into groups
- Managing device inventory
- Manage the device firmware and drivers
- Manage device deployment templates
- Create a deployment template from a reference device
- Create a deployment template by importing a template file
- View a deployment template information
- Edit a server deployment template
- Edit a chassis deployment template
- Edit IOA deployment template
- Edit network properties of a deployment template
- Deploy device deployment templates
- Deploy IOA deployment templates
- Clone deployment templates
- Auto deployment of configuration on yet-to-be-discovered servers or chassis
- Create auto deployment targets
- Delete auto deployment targets
- Export auto deployment target details to different formats
- Overview of stateless deployment
- Define networks
- Edit or delete a configured network
- Export VLAN definitions
- Import network definitions
- Manage Profiles
- Managing the device configuration compliance
- Monitor and Manage device alerts
- Monitor audit logs
- Using jobs for device control
- Manage the device warranty
- Reports
- Managing MIB files
- Troubleshoot connections
- Managing OpenManage Enterprise appliance settings
- Configure OpenManage Enterprise network settings
- Manage OpenManage Enterprise users
- Role and scope-based access control in OpenManage Enterprise
- Add and edit OpenManage Enterprise local users
- Edit OpenManage Enterprise user properties
- Enable OpenManage Enterprise users
- Disable OpenManage Enterprise users
- Delete OpenManage Enterprise users
- Import AD and LDAP groups
- Transfer of ownership of Device Manager entities
- Ending user sessions
- Directory services integration in OpenManage Enterprise
- OpenManage Enterprise login using OpenID Connect providers
- Add an OpenID Connect provider to OpenManage Enterprise
- Configure an OpenID Connect provider policy in PingFederate for role-based access to OpenManage Enterprise
- Configure an OpenID Connect provider policy in Keycloak for role-based access to OpenManage Enterprise
- Test the registration status of OpenManage Enterprise with the OpenID Connect provider
- Edit an OpenID Connect provider details in OpenManage Enterprise
- Enable OpenID Connect providers
- Delete OpenID Connect providers
- Disable OpenID Connect providers
- Security Certificates
- Manage Console preferences
- Set the login security properties
- Customize the alert display
- Configure SMTP, SNMP, and Syslog alerts
- Manage incoming alerts
- Manage warranty settings
- Check and update the version of the OpenManage Enterprise and the available plugins
- Execute remote commands and scripts
- OpenManage Mobile settings
- Enable or disable alert notifications for OpenManage Mobile
- Enable or disable OpenManage Mobile subscribers
- Delete an OpenManage Mobile subscriber
- View the alert notification service status
- Notification service status
- View information about OpenManage Mobile subscribers
- OpenManage Mobile subscriber information
- Troubleshooting OpenManage Mobile
- Other references and field descriptions
- Firmware and DSU requirement for HTTPS
- Schedule Reference
- Firmware baseline field definitions
- Supported and unsupported actions on 'Proxied' sleds
- Schedule job field definitions
- Alert categories after EEMI relocation
- Token substitution in remote scripts and alert policy
- Field service debug workflow
- Unblock the FSD capability
- Install or grant a signed FSD DAT.ini file
- Invoke FSD
- Disable FSD
- Catalog Management field definitions
- Firmware/driver compliance baseline reports— devices with 'Unknown' compliance status
- PowerEdge server naming conventions
Dell EMC OpenManage Enterprise 3.9 User's Guide
Monitor audit logs
About this task
page lists the log data to help you or the Dell EMC Support teams in troubleshooting and analysis. An audit log is recorded when:
The audit log files can be exported to the CSV file format. See
Export all or selected data.
- A group is assigned or access permission is changed.
- User role is modified.
- Actions that were performed on the devices monitored by OpenManage Enterprise.
NOTE
- To perform any tasks on OpenManage Enterprise, you must have necessary user privileges. See Role and scope-based access control in OpenManage Enterprise.
- Scope-based restrictions are not applicable to the Audit logs.
- Currently, for any M1000e chassis discovered with chassis firmware version of 5.1x and earlier, the date in the TIMESTAMP column under Hardware Logs is displayed as JAN 12, 2013. However, for all chassis versions of VRTX and FX2 chassis, the correct date is displayed.
- The file will not be immediately ready for download especially in cases where there is a large set of logs being collected. The collection process happens in the background, and a file save prompt is displayed when the operation is completed.
Steps
-
To view the audit logs, select
.
The audit logs that OpenManage Enterprise stores and displays about the tasks performed by using the appliance are displayed. For example, user login attempts, creation of alert policies, and running different jobs.
- To sort data in any of the columns, click the column title.
-
To quickly search for information about an audit log, click
Advanced Filters.
The following fields are displayed that act as filters to quickly search for data.
-
Enter or select data in the following fields:
- Severity: Select the severity level of a log data. The available options are info, warning, and critical.
- Critical: Any unusual action happened. Immediate attention is needed.
- Warning: The event is significant, but does not need immediate attention.
- Info: Any action performed with success.
- Start Time and End Time: To view audit logs of a specified period.
- User: To view audit logs from a specific user. For example, admin, system, device manager, and viewer.
- Source Address: To view audit logs from a specific system. For example, the system where you have logged in to the OpenManage Enterprise.
- Category: To view audit logs of audit or configuration type.
- Audit: Generated when a user logs in or out of the OpenManage Enterprise appliance.
- Configuration: Generated when any action is performed on a target device.
- Description Contains: Enter the text or phrase contained in the log data that you are searching for. All logs with the selected text are displayed. For example, if you enter warningSizeLimit, all the logs with this text are displayed.
- Message ID: Enter the message ID. If the search criteria matches, only the items with the matching message ID are displayed.
- Severity: Select the severity level of a log data. The available options are info, warning, and critical.
- To remove the filter, click Clear All Filters.
- To export an audit log or all the audit logs, select , or respectively. For more information about exporting the audit logs, see Export all or selected data.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\