Initial view

When Log Viewer is invoked, it initially loads the current Audit log file, selects the last page and scrolls directly to the bottom of the page, displaying the log entries that were last written by Ubisecure SSO.


Figure 1: Log Viewer initial view, viewing Audit log

Note that initially the extended log entry information is not shown on the page, in order to make the event history more legible.

Date / Type - Selection menus

These dropdown-select boxes make it easier to navigate to a certain date. The view updates immediately when any field is changed. The date fields are laid out in descending format, that is: year, month and day. Only the years, days and months of logs that are in the logs directory, are shown in selection list.

Ext. Msg. radio buttons

Ext. msg. is an abbreviation of extended messages. These are initially turned off in order to make the view more legible. Changing the value immediately updates the view. Multi-line system errors are only displayed if Ext. msg is on.

Entries/Page menu

Available options are 22, 50, 100 and all. Changing this value immediately updates the view with the new values. Note that it also resets the view to the beginning of the log file.

Page navigation links

These links vary depending on the number of available pages as follows:

for 1 page – Refresh
for 2 pages - First Page, Last Page
greater than or equal to 3 pages First Page, Prev Page, Next Page, Last Page

In addition to reloading the log file, "Refresh" and "Last Page" will dynamically scroll the view down to the last available log entry. This feature makes it easier to trace newly written log entries if the view holds more entries than can be viewed simultaneously.

Logfile navigation buttons

These buttons navigate between the entire range of log files of the currently selected type – for example, seeing the same log type from the next or previous day.

Headers

Log Viewer's each header is a generic description of the individual event's each field. Since most events contain different information by type, the view would expand inconveniently if each field were represented under an exactly describing header and therefore make the event tracing cumbersome.

Entry representation of Audit-Events:

About the different entry types (authentication method list, authentication method selection, login, etc.) and content of them see also Audit log description.

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"login"
USER INFO
INFO
MASTER SESSION	masterSessionId
LOGIN INFO	authMethod
APPLICATION	application
USER AGENT	userAgent

The "invalid login" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"invalid.login"
USER INFO	loginName
INFO	reason
MASTER SESSION	masterSessionId
LOGIN INFO	authMethod
APPLICATION	application
USER AGENT	userAgent

The "ticket granted" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"ticket granted"
USER INFO	mappedUsername (userName)
INFO	application URL
MASTER SESSION	masterSessionId
LOGIN INFO	requestId
APPLICATION	application
USER AGENT	userAgent

The "access denied" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"access denied"
USER INFO
INFO	reason
MASTER SESSION	masterSessionId
LOGIN INFO
APPLICATION	application
USER AGENT	userAgent

The "logout" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"logout"
USER INFO
INFO
MASTER SESSION	masterSessionId
LOGIN INFO
APPLICATION
USER AGENT	userAgent

The "authentication method list" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"authentication method list"
USER INFO
INFO
MASTER SESSION	masterSessionId
LOGIN INFO
APPLICATION	application
USER AGENT	userAgent

The "authentication method selected" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"authentication method selected"
USER INFO
INFO
MASTER SESSION	masterSessionId
LOGIN INFO	authMethod
APPLICATION	application
USER AGENT	userAgent

The "assertion received" event

Headers	Name by specification
REMOTE_ADDR	addr
ACTION	"assertion received"
USER INFO
INFO	authenticatorId / attributes
MASTER SESSION	masterSessionId
LOGIN INFO	authMethod
APPLICATION
USER AGENT	userAgent

Entry representation of Diag-Events:

About the different entry types (authentication method list, authentication method selection, login, etc.) and content of them see also Diag log description.

All events

Headers	Description
CONTEXT	Which web application caused the event (`uas`, `sso-api`, `search`, etc.)
TYPE	Diagnostic entry type or the class name printing the event
LEVEL	The log level
IP ADDRESS	The client's ip address - `sso-api` events only
MESSAGE	The actual log message, in case of `sso-api` it starts with the authenticated user name (sub)

Browser not supported