/build/static/layout/Breadcrumb_cap_w.png
05/24/2019 366 views

Is it possible to have my K1000 SMA send an alert or at least allow me to build a report that shows when the last logon time was that the K1000 Admins have last logged into the appliance? We have an issue in our environment that a few KACE admins are using a generic account to change things that should not be changed and I would like to have the following:

FROM IP (i.e. the IP Address from the logon of the account)

DATE/TIME

KACE ADMIN ACCOUNT USED (of the account the person tried to access)

STATUS of the attempted login (i.e. failed, success, etc)


I do know that the User Authentication Log (in the Settings > Logs area) is useful on a daily basis to see who logged in, but it doesn't give any past historical records greater than today's date and time. Ultimately, a report that we can run based upon a specific KACE Admin account would be nice, but i would be ok in having a full login history of any KACE Admin account during a specific time frame. If the report is not achievable, what about an alert that is sent out to an email distribution log that would let the compliance team know that there was an attempted login of an account?


Thanks for your help.

0 Comments   [ + ] Show comments

Comments


All Answers

1

Why not reset the admin password and don't tell them.......that should stop the negative behaviour ;o)

Answered 05/28/2019 by: Hobbsy
Red Belt

  • While that would stop the behavior, it doesn't solve the ability to run a report to see who is logging in. I am ultimately trying to get an admin login report.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share