User Logins Test
In highly secure environments, unauthorized user logins into the servers may pose a security risk. Therefore, administrators should keep track on the user logins to the servers and constantly monitor for any unauthorized user logins. To aid administrators in this exercise, eG Enterprise offers the User Logins test.
Use this test to track user logins to the target Unix server and rapidly capture unauthorized users who have logged into the server.
This test is disabled by default. To enable the test, go to the enable / disable tests page using the menu sequence : Agents -> Tests -> Enable/Disable, pick the desired Component type, set Performance as the Test type, choose the test from the DISABLED TESTS list, and click on the << button to move the test to the ENABLED TESTS list. Finally, click the Update button.
Target of the test : Any Unix host system
Agent deploying the test : An internal agent
Outputs of the test : One set of results for the target server being monitored
| Parameter | Description |
|---|---|
|
Test period |
How often should the test be executed. |
|
Host |
The host for which the test is to be configured. |
|
Report DD Total Users |
By default, this flag is set to No, indicating that this test will not report detailed diagnostics for the Total Users measure. This means that the test, by default, will not capture and store the details of every user logging into the target server, in the eG database. However, if you want to view the complete list of users logging into the target server, enable the detailed diagnosis capability of the Total Users measure by setting this flag to Yes. |
|
Authorized Users |
By default, this parameter is set to none indicating that this test will consider all users as authorized users to login into the target server. However, in some environments, administrators may want only a few users to login into the target server and restrict access for the rest of the users. In such case, administrators can specify a comma-separated list of users who are authorized to login into the target server against this parameter. |
|
DD Frequency |
Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD frequency. |
|
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:The eG manager license should allow the detailed diagnosis capabilityBoth the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0. |
| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
|
Current users |
Indicates the total number of users who have currently logged into the target server. |
Number |
The detailed diagnosis of this measure if enabled, lists the name of the users who have logged into the target server and their IP addresses. |
|
Unauthorized users |
Indicates the number of users who are not authorized to login into the target server. |
Number |
The detailed diagnosis of this measure lists the name of the unauthorized users who have logged into the target server and their IP addresses. |
