Policy Server GuidesPolicy Server Administration GuideLog File Descriptions › smaccesslog4

Previous Topic: Log File Descriptions

Next Topic: smobjlog4

smaccesslog4

The following table describes the logging that appears in smaccesslog4, which logs authentication and authorization activity.

Field Name

Description

Null?

Field Type

sm_timestamp

This marks the time at which the entry was
made to the database.

NOT NULL

DATE

sm_categoryid

The identifier for the type of logging.
It may be one of the following

  • 1 = Auth
  • 2 = Az
  • 3 = Admin
  • 4 = Affiliate

NOT NULL

NUMBER(38)

sm_eventid

This marks the particular event that caused the logging to occur. It may be one of the following:

  • 1 = AuthAccept
  • 2 = AuthReject
  • 3 = AuthAttempt
  • 4 = AuthChallenge
  • 5 = AzAccept
  • 6 = AzReject
  • 7 = AdminLogin
  • 8 = AdminLogout
  • 9 = AdminReject
  • 10 = AuthLogout
  • 11 = ValidateAccept
  • 12 = ValidateReject
  • 13 = Visit

NOT NULL

NUMBER(38)

sm_hostname

The machine on which the server is running.

 

VARCHAR2(255)

sm_sessionid

This is the session identifier for this user's activity.

 

VARCHAR2(255)

sm_username

The username for the user currently logged in with this session.

 

VARCHAR2(512)

sm_agentname

The name associated with the agent that is being used in conjunction with the policy server.

 

VARCHAR2(255)

sm_realmname

This is the current realm in which the resource that the user wants resides.

 

VARCHAR2(255)

sm_realmoid

This is the unique identifier for the realm.

 

VARCHAR2(64)

sm_clientip

This is the IP address for the client machine
that is trying to utilize a protected resource.

 

VARCHAR2(255)

sm_domainoid

This is the unique identifier for the domain in which the realm and resource the user is accessing exist.

 

VARCHAR2(64)

sm_authdirname

This not used by the reports generator.

 

VARCHAR2(255)

sm_authdirserver

This not used by the reports generator.

 

VARCHAR2(512)

sm_authdir-namespace

This not used by the reports generator.

 

VARCHAR2(255)

sm_resource

This is the resource, for example a web page, that the user is requesting.

 

VARCHAR2(512)

sm_action

This is the HTTP action. Get, Post, and Put.

 

VARCHAR2(255)

sm_status

This is some descriptive text about the action.

 

VARCHAR2(1024)

sm_reason

These are the motivations for logging. 32000
and above are user defined. They are as
follows:

  • 0 = None
  • 1 = PwMustChange
  • 2 = InvalidSession
  • 3 = RevokedSession
  • 4 = ExpiredSession
  • 5 = AuthLevelTooLow
  • 6 = UnknownUser
  • 7 = UserDisabled
  • 8 = InvalidSessionId
  • 9 = InvalidSessionIp
  • 10 = CertificateRevoked
  • 11 = CRLOutOfDate
  • 12 = CertRevokedKeyCompromised
  • 13 = CertRevokedAffiliationChange
  • 14 = CertOnHold
  • 15 = TokenCardChallenge
  • 16 = ImpersonatedUserNotInDi 
  • 17 = Anonymous
  • 18 = PwWillExpire
  • 19 = PwExpired
  • 20 = ImmedPWChangeRequired
  • 21 = PWChangeFailed
  • 22 = BadPWChange
  • 23 = PWChangeAccepted
  • 24 = ExcessiveFailedLoginAttempts
  • 25 = AccountInactivity
  • 26 = NoRedirectConfigured      
  • 27 = ErrorMessageIsRedirect 

NOT NULL

NUMBER(38)

sm_reason
(continued)
  • 28 = Tokencode
  • 29 = New_PIN_Select
  • 30 = New_PIN_Sys_Tokencode
  • 31 = New_User_PIN_Tokencode
  • 32 = New_PIN_Accepted
  • 33 = Guest
  • 34 = PWSelfChange
  • 35 = ServerException
  • 36 = UnknownScheme
  • 37 = UnsupportedScheme
  • 38 = Misconfigured
  • 39 = BufferOverflow

 

 

sm_transactionid

This is not used by the reports generator.

 

VARCHAR2(255)

sm_domainname

This is the name of the domain in which the realm and resource the user is accessing exist.

NULL

VARCHAR2(255)

sm_impersonator-name

This is the login name of the administrator that is acting as the impersonator in an impersonated session.

NULL

VARCHAR2(512)

sm_impersonator-dirname

This is the name of the directory object that contains the impersonator.

NULL

VARCHAR2(255)

Copyright © 2010 CA. All rights reserved. Email CA about this topic