Hi, we're on ICM 7.5.9, and one thing we're seeing is that the agent reksilling website doesn't log users who successfully log in. I can see failed log in attempts in the Tomcat logs, but do not see IP address/user name/etc., for users who successfully log in.
We're trying to see if there's a user audit trail for people who log in and make agent skill changes, and so far no luck. Agents that get changed by the reskilling website show in the ICM config log as changed by the HDS reskilling account, not the user that actually makes the changes.
Has anyone had any luck with either IIS or Tomcat logs of basic user log in/out and any changes/reskilling changes that were made? Any insight is appreciated.
Never actually tested it for this scenario but you might be able to do what you want with the dumpcfg utility
More information here
Thanks, we looked into that, but that doesn't provide what you need. It only tells you that the account that resides on the reskilling server made the change, not that the person who was logged into the reskilling site made the change.
Dumpcfg is a to determine what users have made changes within Config Manager, unfortunately when the Agent Re-Skilling tool is used to make the update / change the UserName indicated to have made the change is that of the distributor that re-skilling is being run from.
So, unfortunately, there is no way to track the supervisor ID for the change and the only thing you can track is the server that Re-skilling was used on.
There are also no database tables or methods for tracking supervisor login to the re-skilling tool for a means of possibly piecing the data together.
The only thing that I have recommended to other customers is to possibly have the re-skilling tool enabled on multiple AWs, that way you can at least isolate which AW was used. If a particular group of supervisors use only particular AWs, that at least narrows it down.
The request that you are making has been made by several customers and it may be one that enhancement requests have been entered for. If this feature is something that you have a strong need for, suggest that you contact your Cisco Account Personnel who would be able to build an enhancement request for this feature on your behalf.
At least on 8.5.x you modify Tomcat Configuration to log the servlet logging, it looks to be the same in 7.5(10):
1) Modified x:\icm\tomcat\webapps\uiroot\WEB-INF\properties\common\apiserver\logManager\APIServer.properties
2) Replaced VERBOSITY_NONE with LOCAL_DUMP
3) Restarted Tomcat Service
4) Look in the file x:\icm\tomcat\webapps\uiroot\WEB-INF\logs\traceLog.Log
Its not completly straightforward but you can work out logins and changes, keep an eye on the file sizes
This was somefeedback from TAC