The user log traces user activity on the server. It tracks users who are blocked by lack of free floating tokens and failed login attempts. Tracking failed login attempts helps to detect any unauthorized access to BMC Remedy AR System. By default, the log file is named aruser.log.
This log enables you to see who is connecting to BMC Remedy AR System and when they connect. It indicates floating license use (and any rejected connections due to all floating licenses being in use) to help you plan for your floating license needs.
The file contains a line of information for every connection or disconnection from the BMC Remedy AR System server. This enables you to track users accessing the system. A typical line in the file might look like the following example:
<USER> <TID: 0000001084> <RPC ID: 0000003673> <Queue: Admin > <Client-RPC: 390600> <USER: Chris Cadre> /* Thu Mar 15 2007 08:22:59.4650 */ <USER> FIXED GRANT WRITE Chris Cadre
The line starts with a tag that identifies it as a user log entry (<USER> ), followed by the thread ID, RPC ID, queue, and Client RPC information. Next, the user is identified, followed by the time stamp. The entry detail starts with the type of license used (READ, FIXED, or FLOAT ). After the license type is the operation that was performed.
If the type of license is FLOAT, additional information reports the number of licenses in use at that time and the number that are available. Also included is the name of the user performing the operation.
In the following example, Chris Cadre was granted a floating write license. Of the five floating write licenses, none is left.
<USER> <TID: 0000001084> <RPC ID: 0000003673> <Queue: Admin > <Client-RPC: 390600> <USER: Chris Cadre> /* Thu Mar 15 2007 08:22:59.4650 */ FLOAT GRANT WRITE Chris Cadre (5 of 5 write)
Following is a sample user log file:
<USER> <TID: 0000001084> <RPC ID: 0000003673> <Queue: Admin > <Client-RPC: 390600> <USER: Alex Administrator> /* Thu Mar 15 2007 08:22:59.4650 */ FIXED GRANT WRITE Alex Administrator <USER> <TID: 0000001072> <RPC ID: 0000003681> <Queue: Fast > <Client-RPC: 390620> <USER: Chris Cadre> /* Thu Mar 15 2007 08:23:11.5580 */ <USER> LOGIN FAILED (password) Chris Cadre <USER> <TID: 0000001084> <RPC ID: 0000003698> <Queue: Admin > <Client-RPC: 390600> <USER: Chris Cadre > /* Thu Mar 15 2007 08:23:59.0900 */ FIXED GRANT WRITE Chris Cadre
User log operations
A connection was established for a user with a write license.
A license was released explicitly by an administrator.
A write license was released by a time-out.
An external authorization informational message was recorded.
A connection was released by exiting the client.
A user connection was released by a time-out.
A user connection was released explicitly by an administrator.
An attempt was made to log on as this user, but the password was invalid.
NO WRITE FREE
A user with a floating write license attempted to connect. However, no floating license tokens were available. A connection was established for read access only.
A connection for a user was upgraded from a read connection to a write connection as a floating write license token became available.
A user experienced an address conflict with multiple logins. The detail information describes the addresses and if override is allowed.
A user was allowed to override an existing login.