Access Control Logsㅤ
Overview
This page logs the history of granting and revoking direct server access permissions assigned to QueryPie users or groups.
Viewing Access Control Logs
Navigate to the Administrator > Audit > Servers > Access Control Logs menu.
Logs are displayed in descending order based on the current month.
You can search the table using the search field in the upper left corner with the following criteria:
Name: User name
Email: User email
Server Group: Server group name
Server Name: Server name
Host: Server host
Account: Server account
You can apply AND/OR filters by clicking the filter button on the right side of the search field with the following options:
Event: Type of event
Access Control Granted: History of granted permissions
Access Control Revoked: History of revoked permissions
Whitelist Granted : History of granted command whitelists
Whitelist Revoked : History of revoked command whitelists
Action At: Date range of permission grant/revocation
You can refresh the log list using the refresh button in the upper right corner of the table.
The table provides the following column information:
No: Event identification number
Action At: Date and time of permission grant/revocation
Event: Event related to the permission
Access Control Granted: Event where permission is granted to a user/group
Access Control Revoked: Event where permission is revoked from a user/group
Whitelist Granted: Event where a Command Whitelist is granted to a user/group
Whitelist Revoked: Event where a Command Whitelist is revoked from a user/group
User Type: Type of user/group
Name: Name of the target user/group
Email: Email of the target user
Not displayed for groups
Server Group: Server group name
Server Name: Server name
Host: Server host
Expiration Date: Expiration date of the granted permission (revocation date)
Account: Server account
Action By: Name of the administrator who granted/revoked the permission or "System"
Viewing Access Control Log Details
Click on each row to view detailed information.
At the top, the following basic event information is displayed:
Action At: Date and time of permission grant/revocation
Event: Event when permission was granted/revoked from a user/group
User Type: Type of user/group
Name: Name of the target user/group
Email: Email of the target user
Server Group: Server group name
Server Name: Server name
Host: Server host
Expiration Date: Expiration date of the granted permission (revocation date)
Account: Server account
Action By: Name of the administrator who granted/revoked the permission or "System"
If permissions were granted through a workflow, an Access Request link appears, allowing you to open the Request page in a new window.
At the bottom, the policies applied to the granted/revoked permissions are listed:
Access Control related logs - Policy
Access Time: Allowed access time
Weekday Access Allow: Allowed access days
IP Addresses: Allowed IP addresses
Command Audit: Command audit status
Proxy Usage: Whether access through Proxy (Agent) is allowed
Max Sessions: Maximum number of allowed sessions
Session Timeout (minutes): Session timeout duration
Protocols: Allowed protocols
Command Template: Applied restricted command set
Whitelist related logs - Whitelisted Commands
Keyword : Keyword for exception
RegEx : Regular expression for exception
Whitelist Expiration Date : Expiration date for the exceptions