ID Vault: Wrong and missing information in Security Event Log entries

I think in the following Security Log entries is crucial information missing and wrong information is reported:1. ID for ‘Paul Clemmons/MARKETING/HENSELER’ (IP Address 192.168.91.1:3181) in vault ‘O=HENSELER-IDVault’ was not downloaded because the wrong password was supplied. Error: Wrong Password. (Passwords are case sensitive - be sure to use correct upper and lower case.)

Missing information: Who tried to download the ID.

Wrong information: In this case, it was not Paul Clemmons, but Administrator/HENSELER who tried to download the id Paul Clemmons.

  1. ID successfully downloaded by auditor from vault ‘O=HENSELER-IDVault’ by ‘Paul Clemmons/MARKETING/HENSELER’ (IP address 192.168.91.1:3030).

Missing: Who downloaded which ID?

Wrong information: The ID for Paul Clemmons was downloaded by Administrator/HENSELER

Subject: Thanks; logging has been significantly improved in the current build

Here’s what the current build does:

In this case, the logging that you will see will depend on how the download was attempted. If the admin changes their notes.ini to indicate somebody else’s identity before starting Notes, you will see a logged message similar to the one that you are currently experiencing. Since the requestor doesn’t have an actual identity yet, you’ll have to track down any malefactors by their IP address.

If the admin/auditor attempts to “extract” an ID file from the vault through the extract tool, the name of the admin will be logged as well as their IP address and the name of the person being extracted.

Does that give you enough information to maintain a solid audit trail?

Subject: ID Vault: Enhanced logging in current build

Thank you for your detailled description of the logging enhancements :-)Sounds good to me, but I’d be happier if I could play around with it …

Cannot wait for the next beta.

After I’ve tested NSL & ID Vault, I will dig into roaming, especially the FS-based one.

Hope I am not bothering you with my input too much. Just give me a note and I will calm down :wink:

Subject: No problem - we’re big fans of feedback. :slight_smile: