EFA provides full audit trail logging, including the successes and failures of user actions, which creates a 1-to-1 mapping between every action coming from EFA and a corresponding audit trail event from SLX.
Any configuration action on an SLX devices results in the generation of an audit trail. The
name of the user is extracted from the token that the user logged in with. The user is
assigned the role of admin
as the default role on the device.
For OpenStack, the user name has the following format: <OpenStack tenant UUID> -
<OpenStack user name> - <EFA tenant name>
.
78 AUDIT, 2020/01/26-14:04:21 (GMT), [DCM-1006], INFO, DCMCFG, <ClientUserID>/ <ClientRole>/10.6.46.51/SSH/netconf,, SLX, Event: database commit transaction, Status: Succeeded, User command: "configure config username test1 role admin password ****".
The ClientUserID
and ClientRole
values are derived from
the User
and AuditLogRole
variables, which
originate from the values in the access token when the NETCONF or SSH session was
established.