Policy Server Guides › Policy Server Administration Guide › Log File Descriptions

Log File Descriptions

smaccesslog4

The following table describes the logging that appears in smaccesslog4, which logs authentication and authorization activity.

Field Name	Description	Null?	Field Type
sm_timestamp	This marks the time at which the entry was made to the database.	NOT NULL	DATE
sm_categoryid	The identifier for the type of logging. It may be one of the following 1 = Auth 2 = Az 3 = Admin 4 = Affiliate	NOT NULL	NUMBER(38)
sm_eventid	This marks the particular event that caused the logging to occur. It may be one of the following: 1 = AuthAccept 2 = AuthReject 3 = AuthAttempt 4 = AuthChallenge 5 = AzAccept 6 = AzReject 7 = AdminLogin 8 = AdminLogout 9 = AdminReject 10 = AuthLogout 11 = ValidateAccept 12 = ValidateReject 13 = Visit	NOT NULL	NUMBER(38)
sm_hostname	The machine on which the server is running.		VARCHAR2(255)
sm_sessionid	This is the session identifier for this user’s activity.		VARCHAR2(255)
sm_username	The username for the user currently logged in with this session.		VARCHAR2(512)
sm_agentname	The name associated with the agent that is being used in conjunction with the policy server.		VARCHAR2(255)
sm_realmname	This is the current realm in which the resource that the user wants resides.		VARCHAR2(255)
sm_realmoid	This is the unique identifier for the realm.		VARCHAR2(64)
sm_clientip	This is the IP address for the client machine that is trying to utilize a protected resource.		VARCHAR2(255)
sm_domainoid	This is the unique identifier for the domain in which the realm and resource the user is accessing exist.		VARCHAR2(64)
sm_authdirname	This not used by the reports generator.		VARCHAR2(255)
sm_authdirserver	This not used by the reports generator.		VARCHAR2(512)
sm_authdir-namespace	This not used by the reports generator.		VARCHAR2(255)
sm_resource	This is the resource, for example a web page, that the user is requesting.		VARCHAR2(512)
sm_action	This is the HTTP action. Get, Post, and Put.		VARCHAR2(255)
sm_status	This is some descriptive text about the action.		VARCHAR2(1024)
sm_reason	These are the motivations for logging. 32000 and above are user defined. They are as follows: 0 = None 1 = PwMustChange 2 = InvalidSession 3 = RevokedSession 4 = ExpiredSession 5 = AuthLevelTooLow 6 = UnknownUser 7 = UserDisabled 8 = InvalidSessionId 9 = InvalidSessionIp 10 = CertificateRevoked 11 = CRLOutOfDate 12 = CertRevokedKeyCompromised 13 = CertRevokedAffiliationChange 14 = CertOnHold 15 = TokenCardChallenge 16 = ImpersonatedUserNotInDi 17 = Anonymous 18 = PwWillExpire 19 = PwExpired 20 = ImmedPWChangeRequired 21 = PWChangeFailed 22 = BadPWChange 23 = PWChangeAccepted 24 = ExcessiveFailedLoginAttempts 25 = AccountInactivity 26 = NoRedirectConfigured 27 = ErrorMessageIsRedirect	NOT NULL	NUMBER(38)
sm_reason (continued)	28 = Tokencode 29 = New_PIN_Select 30 = New_PIN_Sys_Tokencode 31 = New_User_PIN_Tokencode 32 = New_PIN_Accepted 33 = Guest 34 = PWSelfChange 35 = ServerException 36 = UnknownScheme 37 = UnsupportedScheme 38 = Misconfigured 39 = BufferOverflow
sm_transactionid	This is not used by the reports generator.		VARCHAR2(255)
sm_domainname	This is the name of the domain in which the realm and resource the user is accessing exist.	NULL	VARCHAR2(255)
sm_impersonator-name	This is the login name of the administrator that is acting as the impersonator in an impersonated session.	NULL	VARCHAR2(512)
sm_impersonator-dirname	This is the name of the directory object that contains the impersonator.	NULL	VARCHAR2(255)

smobjlog4

The following table describes the logging that appears in smobjlog4, which logs administrative events.

Field Name	Description	Null?	Type
sm_timestamp	This marks the time at which the entry was made to the database.	NOT NULL	DATE
sm_categoryid	The identifier for the type of logging. It may be one of the following: 1 = Auth 2 = Agent 3 = AgentGroup 4 = Domain 5 = Policy 6 = PolicyLink 7 = Realm 8 = Response 9 = ResponseAttr 10 = ResponseGroup 11 = Root 12 = Rule 13 = RuleGroup 14 = Scheme 15 = UserDirectory 16 = UserPolicy 17 = Vendor 18 = VendorAttr 19 = Admin 20 = AuthAzMap 21 = CertMap 22 = ODBCQuery 23 = SelfReg 24 = PasswordPolicy 25 = KeyManagement 26 = AgentKey 27 = ManagementCommand 28 = RootConfig	NOT NULL	NUMBER(38)
sm_categoryid (continued)	29 = Variable 30 = VariableType 31 = ActiveExpr 32 = PropertyCollection 33 = PropertySection 34 = Property 35 = TaggedString 36 = TrustedHost 37 = SharedSecretPolicy	NOT NULL	NUMBER(38)
sm_eventid	This marks the particular event that caused the logging to occur. It may be one of the following: 1 = Create 2 = Update 3 = UpdateField 4 = Delete 5 = Login 6 = Logout 7 = LoginReject 8 = FlushAll 9 = FlushUser 10 = FlushUsers 11 = FlushRealms 12 = ChangeDynamicKeys 13 = ChangePersistentKey 14 = ChangeDisabledUserState 15 = ChangeUserPassword 16 = FailedLoginAttemptsCount 17 = ChangeSessionKey	NOT NULL	NUMBER(38)
sm_hostname	This is not used by the reports generator for administrative logging.		VARCHAR2(255)
sm_sessionid	This is the session identifier for this user’s activity.		VARCHAR2(255)
sm_username	The username for this administrator.		VARCHAR2(512)
sm_objname	This is the object in the administrator that is being accessed.		VARCHAR2(512)
sm_objoid	This is the unique identifier for the object being accessed in the administrator. This is not used by the reports generator.		VARCHAR2(64)
sm_fielddesc	This is some descriptive text for the action being taken by the administrator.		VARCHAR2(1024)
sm_domainoid	This is the unique identifier for the domain that has an object being modified in the administrator. This is not used by the reports generator.		VARCHAR2(64)
sm_status	This is some descriptive text about the action. This is not used by the reports generator.		VARCHAR2(1024)