Displaying the Security Audit Log

On the Security Policies tab, click Display Audit Log to display the Audit log, which can record login attempts. Audit log behavior is governed by the Audit log level policy setting.

A Report Definition report displays the Security Audit Log report. This report includes a default filter to display all audit events, which is set to pxCreateDateTime is Less or Equal to Current Month. To adjust the date range, click the link next to Filters in the report header.

For each logged event, the log captures:

  • Create Date/Time — The time of the attempt
  • Remote IP Address — The IP address of the system from which the attempt was made
  • Remote Host — The name of the computer involved
  • User Name — The operator ID used in the login attempt
  • Message — The status message returned during authentication of the login
  • Browser (User-Agent) — HTTP Request Header "User-Agent"
  • Referrer — HTTP Request Header "User-Agent"
  • Via — Records proxies through which the request was sent