File name: rsec_sa_context_object_fields.htmlContext
object fields
Each auditable event has an associated
set of information
that is available for logging. This information is grouped into specific
context objects. The context objects that are available for logging
a specific event are specified by the event type. This topic details
the information that exists for each context object and specifies
whether the information is logged by default or is only logged when
the verbose logging option is enabled.
The SessionContextObj
object
Table 1. SessionContextObj
fields. This table
lists the SessionContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
sessionId |
String |
An identifier
for the user session |
Default |
remoteAddr |
String |
The IP address
for the remote host |
Default |
remotePort |
String |
The port of
the remote host |
Default |
remoteHost |
String |
The host name of the remote host |
Default |
The PropagationContextObj object
Table 2. PropagationContextObj fields. This
table lists the PropagationContextObj fields.
Field |
Type |
Description |
Default or Verbose logging |
firstCaller |
String |
The identity
of the first user in the caller
list |
Default |
callerList |
String
array |
A list of names representing the
identities
of the users |
Verbose |
The RegistryContextObj
object
Table 3. RegistryContextObj
fields. This table
lists the RegistryContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
type |
String |
The type of
user registry being used, such as
LDAP or AIX® |
Default |
The ProcessContextObj
object
Table 4. ProcessContextObj
fields. This table
lists the ProcessContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
domain |
String |
The domain
to which the user belongs |
Verbose |
realm |
String |
The registry partition to which the user belongs |
Default |
The EventContextObj object
Table 5. EventContextObj fields. This table lists
the EventContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
lastEventTrailId |
String |
The
last ID associated with a given transaction |
Verbose |
eventTrailId |
String array |
An
array of IDs that allow events that belong
to a given transaction to be correlated |
Default |
creationTime |
Date |
The date an event
was created |
Default |
globalInstanceId |
Long |
The unique identifier of this event |
Default |
The DelegationContextObj object
Table 6. DelegationContextObj fields. This
table lists the DelegationContextObj fields.
Field |
Type |
Description |
Default or Verbose logging |
delegationType |
String |
no delegation,
simple delegation, method delegation
or switch user delegation |
Default |
roleName |
String |
The Run as
role being used: runAsClient, runAsSpecified,
runAsSystem, own ID |
Default |
identityName |
String |
Information
about the mapped user |
Default |
The AuthnContextObj
object
Table 7. AuthnContextObj
fields. This table lists
the AuthnContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
authnType |
String |
The type of
authentication used |
Default |
The ProviderContextObj
object
Table 8. ProviderContextObj
fields. This table
lists the ProviderContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
provider |
String |
The provider
of the authentication or authorization
service |
Default |
providerStatus |
String |
Status of whether the authentication or authorization
event processed successfully by the provider |
Default |
The AuthnMappingContextObj object
Table 9. AuthnMappingContextObj fields. This
table lists the AuthnMappingContextObj fields.
Field |
Type |
Description |
Default or Verbose logging |
mappedSecurityDomain |
String |
The
security domain after mapping has occurred |
Default |
mappedRealm |
String |
The
realm after mapping has occurred |
Default |
mappedUserName |
String |
The user name
after mapping has occurred |
Default |
The AuthnTermContextObj
object
Table 10. AuthnTermContextObj
fields. This
table lists the AuthnTermContextObj fields.
Field |
Type |
Description |
Default or Verbose logging |
terminateReason |
String |
The reason
authentication ended |
Default |
The AccessContextObj
object
Table 11. AccessContextObj
fields. This table
lists the AccessContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
progName |
String |
The name of
the program that was involved in
the event |
Default |
action |
String |
The action being performed. |
Default |
registryUserName |
String |
The
name of the user in the registry |
Default |
appUserName |
String |
The name of
the user within an application |
Default |
accessDecision |
String |
The decision
of the authorization call |
Default |
resourceName |
String |
The name of
the resource in the context of the
application |
Default |
resourceType |
String |
The type of resource |
Default |
resourceUniqueId |
Long |
The unique
identifier of the resource |
Default |
permissionsChecked |
String array |
The permissions
that were checked during the
authorization call |
Default |
permissionsGranted |
String array |
The permissions
that were granted during the
authorization call |
Default |
rolesChecked |
String array |
The roles
that were checked during the authorization
call |
Default |
rolesGranted |
String
array |
The roles that were granted during
the authorization
call |
Default |
The PolicyContextObj
object
Table 12. PolicyContextObj
fields. This table
lists the PolicyContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
policyName |
String |
The name of
the policy |
Default |
policyType |
String |
The type of policy |
Default |
The KeyContextObj
object
Table 13. KeyContextObj
fields. This table lists
the KeyContextObj fields.
Field |
Type |
Description |
Default
or Verbose logging |
keyLabel |
String |
The
key or certificate label |
Default |
keyLocation |
String |
The physical
location of the key database |
Default |
certLifetime |
Date |
The date when
a certificate expires |
Default |
The CipherContextObj
object
Table 14. CipherContextObj
fields. This table
lists the CipherContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
cipherData |
Byte array |
The cipher
data that is captured |
Verbose |
The MgmtContextObj
object
Table 15. MgmtContextObj
fields. This table lists
the MgmtContextObj fields.
Field |
Type |
Description |
Default
or Verbose logging |
mgmtType |
String |
The
type of management operation |
Default |
mgmtCommand |
String |
The application-specific
command that was performed |
Default |
targetInfoAttributes |
Target Atrribute array |
Information
about one or more secondary objects
involved in this operation |
Verbose |
The ResponseContextObj
object
Table 16. ResponseContextObj
fields. This table
lists the ResponseContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
url |
String |
The URL of
the HTTP request |
Default |
httpRequestHeaders |
Attributes array |
The
HTTP request headers provided by the client |
Verbose |
httpResponseHeaders |
Attributes array |
The
HTTP response headers returned by the server |
Verbose |
The CustomPropertyContextObj object
Table 17. CustomPropertyContextObj fields. This table lists the CustomPropertyContextObj fields.Field |
Type |
Description |
Default or Verbose logging |
key |
String |
The label representing
the custom property key
name |
Verbose |
value |
Object |
The object value of the custom property |
Verbose |
|
