Session Logs

This Session Logs present:

• Activity of end users that open corporate applications through the User App Portal

• Configuration changes by the administrator for Application-Level access Clientless access to specific corporate applications, such as web, SSH, RDP, tunnel, and database applications.

• System events, such as deployment or termination of the data center connectors

Each table row presents an access to a single corporate application by a single user.

Note - For web applications, the user typically browses through multiple links. To see each browsed link of a web application, visit the Web Traffic Logs page.

The session logs table contains the following fields:

The session log consists of five types of logs:

• System Logs includes information on activities within the Application-Level site, such as access permissions change and new users. It also informs you of a user login to the Application-Level access system.

• HTTP Logs includes information on web applications connectivity

• SSH Logs include information on SSH server connectivity and the full command trail the user has performed, including alerts on suspicious activity. Each SSH log also has a full recording of the SSH session. To view this recording, click View Session.

• Database Logs includes information on Database server connectivity and the full query trail the user performed

• RDP Logs currently reports RDP server connection. Each RDP log has a full recording of the RDP session. The system retains the session recordings for one month. To view this recording, click View Session.

There are two types of System logs:

• System configurations: the User column is the administrator that performs the action, and the Application column is empty

• System login: the User column is a user that connects to the system, and the Application column is empty