Table 7 Logged actions and descriptions

Logged Action

Description

 

 

Search

Simple or advanced searches performed by the user.

 

 

Query Result

Information about the query results returned or displayed.

 

 

Navigation

Navigation through the query results.

 

 

View Message

Emails displayed from the query results.

 

 

View Document

Documents displayed from the query results.

 

 

Download

Email attachments downloaded by the user.

 

 

Mail

Emails or documents sent to the user.

 

 

Export

Emails or documents exported by the user.

 

 

Save Query

Queries saved by the user.

 

 

Save Query Result

Query results saved by the user.

 

 

Start Quarantine

Saved query results quarantined by the user.

 

 

Delete Quarantine

Quarantined query results deleted by the user.

 

 

TIP:

You can use boolean expressions AND, OR, and NOT when entering search criteria.

5.Advanced searches only: To refine the search, use the additional query fields as shown in the following table.

Table 8 Additional advanced search query fields (for audit log repository searches)

Query Field

Matches

 

 

Document Name

Name of the component generating the audit log. For example: RISS Web

 

Interface. This is the only option available at this time.

 

 

Document Path

Host or IP address of the host where the audit log was generated. For

 

example: hp-s0-1-93.hp.com.

 

 

Extension

File extension. Not used because the audit log is always an XML file.

 

 

Title

Not used because it is not applicable to audit log files.

 

 

Author

Used to search for a specific user. Enter one of the following criterion:

 

• User ID: Enter the login name of the user, such as jdoe.

 

• First Name: Enter the first name from the LDAP directory for the

 

user, such as John.

 

• Last Name: Enter the last name from the LDAP directory for the

 

user, such as Doe.

6.Click Find Now to start the search. The Query Results page displays the following information:

User: User for which the audit log was created.

Session Start: Start time of the user session.

Session End: End time of the user session.

Size: Size of the session audit log file.

Server: Server (HTTP portal) on which the audit log session was captured.

Date: Date the audit log file was archived.

7.To display the contents of an audit log file in the viewing pane, click the item from the list. If needed, click New Window to display the audit log content in a new window.

30 RISS Web Interface

Page 30
Image 30
HP RISS Components manual Logged actions and descriptions, Logged Action Description, Query Field Matches