SIM Audit
The SIM Audit category contains events that are related to user interaction with the JSA Console and administrative features.
The following table describes the low-level event categories and associated severity levels for the SIM Audit category.
Low-level event category |
Category ID |
Description |
Severity level (0 - 10) |
|---|---|---|---|
SIM User Authentication |
16001 |
Indicates a user login or logout on the Console. |
5 |
SIM Configuration Change |
16002 |
Indicates that a user changed the SIM configuration or deployment. |
3 |
SIM User Action |
16003 |
Indicates that a user initiated a process, such as starting a backup or generating a report, in the SIM module. |
3 |
Session Created |
16004 |
Indicates that a user session was created. |
3 |
Session Destroyed |
16005 |
Indicates that a user session was destroyed. |
3 |
Admin Session Created |
16006 |
Indicates that an admin session was created. |
|
Admin Session Destroyed |
16007 |
Indicates that an admin session was destroyed. |
3 |
Session Authentication Invalid |
16008 |
Indicates an invalid session authentication. |
5 |
Session Authentication Expired |
16009 |
Indicates that a session authentication expired. |
3 |
Risk Manager Configuration |
16010 |
Indicates that a user changed the JSA Risk Manager configuration. |
3 |