The Security event is triggered for each failed login attempt.
Filtering
In the Event Setup tab, the values for all the event fields are set by default to All in the Match Value(s) column, which will generate event notifications for all state changes for all workflow groups. Double-click-on the field to open the Match Values dialog where you can click on the Add button to add which values you want to filter on. If there are specific values available, these will appear in a drop-down list. Alternatively, you can enter a hard coded string or a regular expression.
...
category
- If you have configured any Event Categories, you can select to only generate notifications for System events with the selected categories. See 4.4 Event Category for further information about Event Categories.contents
- The contents field contains a hard coded string with event specific information. If you want to use this field for filtering you can enter a part of the contents as a hard coded string, e g the state you are interested in Idle/Running/Stopping/etc. However, for Security events, the content consists of the text "Login attempt by <username> from host <IP address> failed."eventName
- This field can be used to specify which event types you want to generate notifications for. This may be useful if the selected event type is a parent to other event types. However, since the Security event is not a parent to any other event, this field will typically not be used for this event.origin
- The Platform IP address.receiveTimeStamp
- This field contains the date and time for when the event was inserted into the Platform database. If you want to use timeStamp for filtering, it may be a good idea to enter a regular expression, for example, "2018-04.*" for catching all System events from 1st of April, 2018, to 30th of April, 2018.severity
- With this field you can determine to only generate notifications for state changes with a certain severity; Information, Warning, Error or Disaster. The severity level for Security events is always Warning.timeStamp
This field contains the date and time when the Platform generated the event. If you want to use timeStamp for filtering, it may be a good idea to enter a regular expression, for example, "2018-06-15 09:.*" for catching all System events from 9:00 to 9:59 on the 15th of June, 2018.
...
systemMessage
- This field contains the username and IP address of the Desktop.
Examples Security Event Configuration
...
title | Example - Security Event sent to Log File |
---|
...
When a Security event occurs, a Security notification will be generated.
When this notification is generated a new log line will be added in the
securityevent.txt
file located in the/home/MyDirectory/securityevent
directory,with the following data:The date and time when the event was generated.
The system message.
...
title | Example - Security Event sent to Mail |
---|
...
When a Security event with a message containing the text "Warning" is registered, a System Event notification will be generated.
When this notification is generated, an entry will be added in the securitylog table in the database:
...
The system message, will be inserted in the message column in the database table.
...
.