cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco Intersight Audit Logs Overview

138
Views
5
Helpful
0
Comments

Cisco Intersight Audit Logs provide information on events and actions performed within Intersight.  Audit Logs are available in the Intersight UI from the gear icon->Audit Logs:

Screen Shot 2021-01-10 at 10.44.57 AM.png

Audit Logs can be filtered in several ways (by User, Client IP Address, Event, etc.) and Search and Export is available to easily find and organize Log information:

 Screen Shot 2021-01-10 at 10.52.38 AM.png

Endpoint devices like UCS Manager also provide Audit Logs on the device to track any actions performed locally or from Intersight.  All device access and authorization from Intersight is controlled through Intersight's Role Based Access Control (RBAC) feature (for details on Intersight RBAC see https://www.intersight.com/help/features#role_based_access_control).  Because Intersight's RBAC does not require local user accounts, device Audit Logs report User information based on Intersight identifiers.  For example, when UCS Manager's UI is launched from Intersight and the user modifies a Server Profile User Label, the following Audit Log is created within UCS Manager:

Screen Shot 2021-01-10 at 10.39.35 AM.png

The User in the above example is an Intersight User Managed Object ID (Moid), and additional information on the User can be found in Intersight's API browser (https://intersight.com/apidocs).  Below, the Users resource is queried for a user with the Moid from the UCS Manager Audit Log and Intersight username and other details can be retrieved:

Screen Shot 2021-01-10 at 10.42.03 AM.png

Content for Community-Ad
This widget could not be displayed.