View audit log activity

By viewing audit logs, users with Security Admin permissions can monitor user actions, authentication failures, invalid login attempts, and the user session lifespan.

Before you begin


  1. Select Settings > Access Management.
  2. Select the Audit Log tab.
    Audit log activity appears in tabular format, which includes the following columns of information:
    • Date/Time – Timestamp of when the storage array detected the event (in GMT).
    • Username – The user name associated with the event. For any non-authenticated actions on the storage array, "N/A" appears as the user name. Non-authenticated actions might be triggered by the internal proxy or some other mechanism.
    • Status Code – HTTP status code of the operation (200, 400, etc.) and descriptive text associated with the event.
    • URL Accessed – Full URL (including host) and query string.
    • Client IP Address – IP address of the client associated with the event.
    • Source – Logging source associated with the event, which can be System Manager, CLI, Web Services, or Support Shell.
  3. Use the selections on the Audit Log page to view and manage events.