Displaying the Security Audit Log

Display the audit log to view login attempts and other security events.

Before you begin: To display the security audit log, you must have the pzViewAuthPoliciesLP privilege, which is included in the PegaRULES:SecurityAdministrator role.

The Security Audit Log report includes a default filter to display all audit events, which is set to pxCreateDateTime is Less or Equal to Current Month. To adjust the date range, click the link next to Filters in the report header.

To select security events to monitor, use the Security Event Configuration landing page.

To select whether to report successful or unsuccessful login attempts, set the Audit log level setting on the Security Policies landing page.

To display the Security Audit Log, complete the following steps.

  1. In the header of Dev Studio, click Configure > System > Settings > Security Policies.
  2. Click Display Audit Log.
    Result: The security audit log is displayed. For each logged event, the log captures:
    • Create Date/Time – The time of the attempt
    • Remote IP Address – The IP address of the system from which the attempt was made
    • Remote Host – The name of the computer involved
    • User Name – The operator ID used in the login attempt
    • Message – The status message returned during authentication of the login
    • Browser (User-Agent) – HTTP Request Header "User-Agent"
    • Referrer – HTTP Request Header "User-Agent"
    • Via – Records proxies through which the request was sent