Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
HI
I'm doing some security checks on QlikView and QMC,
and my question is - which of these events are logged (success/failure) ?
- Login attempts,
- resource access attempts,
- configuration changes,
- administrative actions,
- permissions changes
I have to know if the Event logs contain:
Date & time, source, destination, user details, event description.
for example - I want to know who is the user who made configuration changes ?
I want to know the Date & time, source, destination, user details, event description.
Thank you all
Yes it does. Enable the QMC audit, by editing the file:
C:\Program Files\QlikView\Management Service\QVManagementService.exe.config
And using values
<!-- ****** Audit logging ****** -->
<!-- Enable logging of changes to QVPR. Requires restart of QMS after change. -->
<add key="EnableAuditLogging" value="true"/>
<!-- Folder where audit logs should be stored. Default is ApplicationDataFolder\AuditLog - -->
<add key="AuditLogFolder" value=""/>
<!-- The maximum number of days to keep audit logs -->
<add key="AuditLogKeepMaxDays" value="30"/>
Thanks Miguel
I did it, I believe what I'm looking for is there...
But most of the information in the Audit log file seems unreadable,
the USER ID appears like code of numbers and letters.
How can I decipher what is written there ?
Thanks
Do you mean the Audit.log ? Identified users are populated in the form DIRECTORY\USERNAME, if you can post some examples and where did you retrieve that information from that would be useful. In my audit logs I can see all users in a readable format.