Analyzing the AuthenticationLog Database Table

All authentication attempts (both successes and failures) are logged in the AuthenticationLog database table. The following are the rows of interest on this table:

Table 1. Contents of the Authentication Log
Field	Meaning
timeEntered	The timestamp of the entry in the log.
userName	The username associated with the login attempt.
altLogin	Boolean indication of whether the username represents an alternate Login ID. When this column equals '1' (true) the value in the userName column is an alternate login ID as per Alternate Login IDs; otherwise, the userName column represents the userName from the Users or ExternalUser table.
loginFailures	The number of login failures for this user since their last successful login.
lastLogin	The date and time of the last successful login.
loginStatus	The status of the login attempt. This may be one of: LOGIN: Successful login. ACCDISABLE: The account has been explicitly disabled. ACCEXPIRED: The password expiry date has been reached. PWDEXPIRED: The number of days which the user was given to change their password has been exceeded. BADUSER: The user does not exist. AUTHONLY: This is used in the case of identity only authentication and indicates that only authorization verifications will be performed. BADPWD: The specified password was incorrect. BREAKIN: A specified number of incorrect passwords has been reached. The account is disabled. RESTRICTED: The user is not allowed access the system at this time. LOGEXPR: The number of login attempts which the user was given to change their password has been exceeded. AMBIGUOUS: The specified username is ambiguous as it is a case insensitive duplicate of another username.

The LogAdmin API can be used to query the AuthenticationLog database table. The Java documentation for this class should be referenced for further details.