For security purposes and to give administrators insight on all aspects of Dorian, Dorian maintains a list of auditing information for grid user accounts, user certificates, host certificates, trusted identity providers, and general system information. The following is a list of auditing information maintained for each user account:
Audit Information
Description
AccessDenied
Documents when a user was denied access to Dorian.
AccountCreated
Documents when a grid user account was first created.
AccountRemoved
Documents when the grid user account was removed.
AccountUpdated
Documents when the grid user account was updated.
AdminAdded
Documents when a user was granted administrative access to Dorian.
AdminRemoved
Documents when administrative access to Dorian was revoked from a user.
CRLPublished
Documents when Dorian publishes its CRL and who receives that CRL.
HostCertificateApproved
Documents when and by whom a host certificate was approved.
HostCertificateRequested
Documents when and by whom a host certificate was requested.
HostCertificateRenewed
Documents when and by whom a host certificate was renewed.
HostCertificateUpdated
Documents when, what, and by whom the host certificate was updated.
IdPAdded
Documents when an identity provider was registered to Dorian as a trusted identity provider.
IdPUpdated
Documents when an identity provider was updated.
IdPRemoved
Documents when an identity provider was removed from Dorian as a trusted identity provider.
InternalError
Documents when an unexpected system error occurs in Dorian.
InvalidUserCertificateRequest
Documents when a user FAILED to obtain PKI user credentials.
SuccessfulUserCertificateRequest
Documents when a user was able to successfully obtain PKI user credentials.
SystemStartup
Documents each time the Dorian Service is started up.
UserCertificateUpdate
Documents when an individual user certificate is updated.
UserCertificateRemoved
Documents when an individual user certificate is removed.
The GAARDS UI allows Dorian administrators to search the auditing information collected by Dorian using the following search criteria.
Criteria
Description
Target
The identity of the subject that the audit information describes.
Reporting Party
The identity of the party that performed or reported the action.
Audit Type
The type of auditing information, please consult the table above for different types.
Start Date
The start of a date/time range of when the even occurred.
End Date
The end of a date/time range of when the even occurred.
Message
Search the content of the Audit Message.
To use the GAARDS UI to search the auditing information collected by Dorian, complete the following steps:
From the Account Management menu, select the Grid Account Management sub menu, and select Auditing. This will launch the Auditing Search Window.
From the Service drop down select the Dorian you wish to search.
Enter you search criteria, please consult the table above. If no search criteria is specified all audit records for the user will be returned.
Click the "Search" button.
When the search has completed, the audit records meeting your search criteria will be displayed in the table below the Search button. To view the complete details of a specifc audit record, select that record in the table and click the "View" button. This will launch a window containing the complete details of the audit record you selected.
Administration
