Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication
  6. Domain Security
  7. SAML Authentication for Informatica Web Applications
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Security Guide

Security Guide

User Activity Log Filters

User Activity Log Filters

Use one or more filters to retrieve log events for specific users, dates, or events.
Use one or more of the following parameters for the infacmd isp getUserActivityLog command to filter log events:
Users and security domains
Optional. The list of users that you want to get log events for. Separate multiple users with a space. Use the wildcard symbol (*) to view logs for multiple users on a single security domain or all security domains. For example, the following strings are valid values for the option:
user:Native
"user:*"
"user*"
"*_users_*"
"*:Native"
Add the following parameter to the getUserActivityLog command to filter log events based on user or security domain:
-usrs <UserName>:<SecurityDomain>
For example, add the following parameter to retrieve user activity for a user named User1 on all security domains:
-usrs "User1:*"
Date and time
Optional. The range of dates you want to view log events for.
If you enter an end date that is before the start date, the command returns no log events.
Enter the date and time in one of the following formats:
  • MM/dd/yyyy
  • MM/dd/yyyy HH:mm:ss
  • yyyy-MM-dd
  • yyyy-MM-dd HH:mm:ss
Add the following parameter to the getUserActivityLog command to filter the log by start date or end date:
-sd <start_date> -ed <end_date>
For example, add the following parameter to retrieve user activity between January 1, 2014 and February 3, 2014:
-sd 01/01/2014 -ed 02/03/2014
Activity code
Optional. Returns log events based on the activity code.
Use the wildcard symbol (*) to retrieve log events for multiple activity codes. Valid activity codes include:
  • CCM_10437. Indicates that an activity succeeded.
  • CCM_10438. Indicates that an activity failed.
  • CCM_10778. Indicates that a login attempt with custom properties succeeded.
  • CCM_10779. Indicates that a login attempt with custom properties failed.
  • CCM_10786. Indicates that a login attempt without custom properties succeeded.
  • CCM_10787. Indicates that a login attempt without custom properties failed.
Add the following parameter to the getUserActivityLog command to filter by activity code:
-ac <activity_code>
For example, add the following parameter to retrieve log events that succeeded:
-ac CCM_10437
If you use the wildcard symbol, enclose the argument in quotation marks.
Activity text
Optional. Returns log events based on a string found in the activity text.
Add the following parameter to the getUserActivityLog command to filter by activity text:
-atxt <activity_text>
Use the wildcard symbol (*) to retrieve logs for multiple events. For example, the following parameter returns all log events that contain the phrase "Enabling service" in their description:
-atxt "*Enabling service*"
If you use the wildcard symbol, enclose the argument in quotation marks.
Chronological order
Optional. Prints log events in reverse chronological order. If you do not specify this parameter, the command displays log events in chronological order.
Add the following parameter to the getUserActivityLog command to print the most recent event first:
-ro true


Updated October 10, 2019


Explore Informatica Network