View the Audit Log

Use the Security Audit log to track successful logins and logouts, and all attempted logins. This might be required in your environment for compliance reasons.

To view the Audit log:

  1. In the CSM Administrator main window, select the Security category, and then select Audit Log.
    The Audit Log window opens.
  2. Users can then choose from the following:
    • View: Filter the type of record audit logs you want to view by selecting one of the following (the list varies depending on which actions you select to track/log):
      • All records: Displays audit logs for all records.
      • Failed attempts: Displays audit logs for all failed login attempts.

        The values in the User Name column will be blank until after successful authentication.

      • Particular application: Displays audit logs for a specified Cherwell product.
      • Particular login ID: Displays audit logs for a specified login ID.
      • Particular user: Displays audit logs for a specified User.
      • Still logged in: Displays audit logs for all Users currently logged in.
      • Successful attempts: Displays audit logs for all successful login attempts.
    • Refresh: Select this button to refresh the data in the list.
    • Configure: Select this button to select the actions to track. Select the box next to the item to track:
      • Login
      • Logout
      • Failed login attempts
    • File>Clear Log: Clears either all entries from the log or all entries earlier than a specified date. It is recommended that you regularly clear log files because the log can get very large.
    • File>Export/Print: Exports or print the audit log.

Date/Time stamps in the audit log are shown in UTC (Coordinated Universal Time). If your installation is on-premises, Date/Time stamps are shown in the server time zone.