SecurTrac Administration Guide

User Activity Monitor Logs

The User Activity log provides detailed information about user activities including database open/close, View open and document open/create/update/delete actions.

To view log information for the Intrusion Detection Monitor:

Open the SecurTrac Log Database (SCTLOG.NSF or user defined log database)
In the left pane, select User Activity Monitor\User Activity Log.
In the right pane, a list of User Activity logs will be shown and sorted by user name and date.
Double click the log you are looking for and the details of the log will be shown.

The following table describes all fields in the User Activity log:

Field	Description
Initiator	Address/Notes user ID who initiated the action
Time	Date and time the event was detected
Database Title	Title of the database being accessed
Database Path	Relative path of the database file location in the Domino data directory
Action	Type of action taken. The value can be either DBOpen, DBClose, View Open, DocOpen, DocCreate, DocUpdate, DocDelete
Triggered by Monitor	The monitor(s) which triggered the log. It will show the description of the monitor, if the monitor description exists. Otherwise, it shows the document ID for the monitor document. A link allows you to open the Monitor document that triggered the log.
Used Full Access Admin privilege	Was the Full Access Administration privilege used
Database/View/Document Link	Link to the corresponding database if it is a database action Link to the corresponding view if it is a view action Link to the corresponding document if it is a document action
View Name	Title of the view which is being accessed.
Service	The service used in the connection
Port Name	The connection port name
Address	The IP address of the computer that connected to the server

-------------------------------------------------------------------------------------------------------------------------------------------