Authentication and Authorization Format

If the event category ID is authentication (SmLogAccessCat_Auth) or authorization (SmLogAccessCat_Az), the format is:
casso126
If the event category ID is authentication (SmLogAccessCat_Auth) or authorization (SmLogAccessCat_Az), the format is:
lpszEvent lpszHostName lpszTimeString "szClientIp szUserName" "szAgentName szAction szResource" [szTransactionId] [nReason] szStatusMsg
Elements in the above format example are described as follows:
  • lpszEvent. The name (type) of the access event:
    SmLogAccessEvent_AuthAccept : lpszEvent = "AuthAccept"
    SmLogAccessEvent_AuthReject : lpszEvent = "AuthReject"
    SmLogAccessEvent_AuthAttempt : lpszEvent = "AuthAttempt"
    SmLogAccessEvent_AuthChallenge : lpszEvent = "AuthChallenge"
    SmLogAccessEvent_AzAccept : lpszEvent = "AzAccept"
    SmLogAccessEvent_AzReject : lpszEvent = "AzReject"
    SmLogAccessEvent_AdminLogin : lpszEvent = "AdminLogin"
    SmLogAccessEvent_AdminLogout : lpszEvent = "AdminLogout"
    SmLogAccessEvent_AdminReject : lpszEvent = "AdminReject"
    SmLogAccessEvent_AuthLogout : lpszEvent = "AuthLogout"
    SmLogAccessEvent_ValidateAccept : lpszEvent = "ValidateAccept"
    SmLogAccessEvent_ValidateReject : lpszEvent = "ValidateReject"
  • lpszHostName. The name of the host.
  • lpszTimeString. The timestamp of the occurrence of the event, in the format: [<date>/<month>/<year>:<hour>:<minute>:<second> <difference from GMT>]. For example: [27/Jun/2000:11:27:29 -0500]
  • szClientIp. The IP address of the client machine.
  • szUserName. The name of the user.
  • szAgentName. The name of the agent.
  • szAction. The action associated with the resource.
  • szResource. The accessed resource.
  • [szTransactionId]. A string that contains: idletime=<value>.
  • [nReason]. The reason associated with the event. Reasons are enumerated in Sm_Api_Reason_t, which is in SmApi.h.
  • szStatusMsg. The message associated with the event. The message depends on the event type, as shown in in the following table:
Event
Role of szStatusMsg
SmLogAccessEvent_AdminLogin
Holds the UserMsg returned by the authentication scheme.
SmLogAccessEvent_AdminReject
Holds the ErrorMsg returned by the authentication Scheme
SmLogAccessEvent_AuthAccept
Holds the UserMsg.
SmLogAccessEvent_AuthReject
Holds a concatenated string of UserMsg and ErrorMsg.
SmLogAccessEvent_AuthAttempt
Holds a concatenated string of UserMsg and ErrorMsg.
SmLogAccessEvent_AuthChallenge
Holds the UserMsg.
SmLogAccessEvent_ValidateAccept
Is an empty string.
SmLogAccessEvent_ValidateReject
Holds an error message containing the reason for validate reject. Examples:"Invalid session token" "Invalid session id" "Invalid session ip" "Invalid user DN""Session has expired""Invalid key in use""Invalid error status"
SmLogAccessEvent_AuthLogout
An empty string.
SmLogAccessEvent_AzAccept
An empty string.
SmLogAccessEvent_AzReject
Depending on the type of az reject, it is a string explaining the reason for the reject. Examples: "Invalid session type for   affiliate agent" "Invalid session type" "Session not authorized for   this security level"
For example:
AuthAccept testbox [27/Jun/2000:11:27:29 -0500] "190.158.4.90 uid=scarter,ou=people,o=airius.com" "testagent GET /test/index.html" [idletime=3600;maxtime=7200;authlevel=5;] [0]
In this example,
  • lpszEvent is AuthAccept
  • lpszHostName is testbox
  • lpszTimeString is [27/Jun/2000:11:27:29 -0500]
  • szClientIp is 190.158.4.90
  • szUserName is uid=scarter,ou=people,o=airius.com
  • szAgentName is testagent
  • szAction is GET
  • szResource is /test/index.html
  • [szTransactionId] is [idletime=3600;maxtime=7200;    authlevel=5;]
  • [nReason] is [0]
  • szStatusMsg is not specified.