HP OneView 1.05 User Guide
You must have Infrastructure administrator privileges to download the audit log.
Monitor the audit logs because they are rolled over periodically to prevent them from getting too
large. Download the audit logs periodically to maintain a long-term audit history.
Each user has a unique logging ID per session, enabling you to follow a user’s trail in the audit
log. Some actions are performed by the appliance and might not have a logging ID.
A breakdown of an audit entry follows:
DescriptionToken
The date and time of the eventDate/time
The unique identifier of an internal componentInternal component
ID
The organization ID. Reserved for internal useReserved
The login domain name of the userUser domain
The user nameUser name/ID
The user session ID associated with the messageSession ID
The URI of the task resource associated with the messageTask ID
The client (browser) IP address identifies the client machine that initiated the requestClient host/IP
The result of the action, which can be one of the following values:
• SUCCESS
• FAILURE
• SOME_FAILURES
• CANCELED
• KILLED
Result
A description of the action, which can be one of the following values:
•••• CANCELEDUNSETUPLISTADD
• •••MODIFY LOGINDEPLOYENABLE
•• ••DISABLEDELETE LOGOUTSTART
••• •DONESAVEACCESS DOWNLOAD_START
••• KILLEDSETUPRUN
Action
A description of the severity of the event, which can be one of the following values, listed in
descending order of importance:
• INFO
• NOTICE
• WARNING
• ERROR
• ALERT
• CRITICAL
Severity
For REST API category information, see the HP OneView REST API Reference in the online help.Resource category
The resource URI/name associated with the taskResource URI/name
The output message that appears in the audit logMessage
3.7 Understanding the audit log 49