If you have access rights to a server configuration, you can view its security event log at any time. The security event log
is not a typical .Log file, as its data is stored in the application database. This operation can be performed only when the
server is running.
- Add item owner
- Indicates that a user created a folder or an item.
- Add user/group
- Indicates that a user or group was added to the server configuration.
- Add/Edit container access rights
- Indicates that access rights were added or changed for a group of objects contained in another object. For example, if you
select
and change rights for all change requests in the project, that event fits into this category.
- Add/Edit item access rights
- Indicates that access rights were added or changed for a specific object. For example, if you change access rights for a project,
that event fits into this category.
- Change user
- Indicates that someone changed user names as part of a replication process. This event can occur when special clients, such
as Notification Agent, perform operations.
- Delete container access rights
- Indicates that access rights were deleted at the container level.
- Delete item access rights
- Indicates that access rights were deleted at the item level.
- Delete user/group
- Indicates that a user or group was deleted.
- Edit user/group
- Indicates that the properties for a user or group were changed in some way.
- Force user logoff
- Indicates that a user was forced to log off the server configuration.
- Item access check
- Indicates that access rights were checked to see if the user could access a specific item.
- Logoff
- Indicates that a user logged off the server configuration.
- Logon
- Indicates that a user logged on to the server configuration.
- Logon attempt: Account lockout
- Indicates that a user attempted to log on and the account was locked.
- Logon attempt: Expired password
- Indicates that a user attempted to log on and the password had expired.
- Logon attempt: No such user name
- Indicates that a user attempted to log on with a non-existent user name.
- Logon attempt: Restricted access time
- Indicates that a user attempted to log on at a time when he or she was not allowed access.
- Logon attempt: Suspended account
- Indicates that a user attempted to log on and the account was suspended.
- Logon failure
- Indicates that an incorrect password was used during the logon process.
- Policy change
- Indicates that a system policy has changed.
- User status change
- Indicates that an administrator suspended, reactivated, locked, unlocked, or required a password change on a user’s account.