User Activity Audit

The user activity report helps you understand the scope of user activities in your

VMware Aria Operations

instance, such as when users logged in, actions they took on clusters and nodes, changes they made to system passwords, when they activated certificates, and when they logged out.

Where You Audit User Activity

To audit user activity, from the left menu, click

Administration

, and then click the

Audit

tile. The activities that users performed in the environment appear on the page.

User Activity Audit Actions
Option	Description
Download	Download the user activity audit information to a report in PDF or XLS format.
Configure	Configure the settings to send the user activity log to an external syslog server to meet security auditing requirements. Output log to external syslog server. When selected, VMware Aria Operations sends the log to a separate server machine. IP Address or Host Name. Identification for the syslog server. Port. VMware Aria Operations port used to send the audit information to the external server.
Date Range	Display the list of user activities performed in the past based on a selected number of hours, days, weeks, months, or years, or between two specific dates and times.
Starting Line	Indicates the starting line of the file . 0 is for the first line. -1 or no value indicates that the file has to be displayed from the end.
Number of Lines	Specifies the number of lines to be displayed in the search result. For example: If you want to see the first 10 occurrences of a particular chunk of text, enter the number of lines as 10 and the starting line as 0.
Filter	Filters the data according to User ID, User Name, Auth Source, Session, Client IP, Category, and Message.

Audit Users and the Environment in VMware Aria Operations

Content feedback and comments

VMware Aria Operations 8.17.1

User Activity Audit

Where You Audit User Activity