Login and logout Syslog messages

Each time a user logs in or out of ASMS, a log entry is created in the /var/log/messages directory. This includes internal logins, such as when FireFlow opens a session to run a traffic simulation query in AFA.

In this topic:

Login and logout syslog message contents

Syslog entries for login and logout events include the following details:

• Date and time

• ASMS build version

• Event name, such as "Successful login". For details, see Login and logout syslog event reference.

• Severity level: 0

• The domain ID. This should always appear as NONE.

• The username.
• The IP address of the browsing computer. Internal events do not include the IP address, because it will always be the localhost.

Back to top

Login and logout syslog event reference

The following table lists basic login and logout events that generate Syslog messages. Your system may generate additional messages depending on your configuration.

Message	Description
Internal Connection	Internal connection event
Internal Connection - Manual logout	Internal connection event related to a manual logout
Internal Connection - Session expired logout	Internal connection event related to a logout due to a session expiration
Internal Connection - Successful login	Internal connection event related to a successful login
Login Failed - System Error	Log in failed because of a system error.
Manual logout	User manually logged out
Session Expired	User session expired and user is logged out
Successful login	Successful login occurred
Unsuccessful login	Log in failed because of invalid input. Additional details about the failure are included in the message.

Back to top

Sample login and logout Syslog messages

Successful login event

Unsuccessful login because of user input

Unsuccessful login because of a system error

Internal login

Manual logout

Session Expired

 

Back to top