User Logins Test

In highly secure environments, unauthorized user logins into the servers may pose a security risk. Therefore, administrators should keep track on the user logins to the servers and constantly monitor for any unauthorized user logins. To aid administrators in this exercise, eG Enterprise offers the User Logins test.

Use this test to track user logins to the target Unix server and rapidly capture unauthorized users who have logged into the server.

Target of the test : Any Unix host system

Agent deploying the test : An internal agent

Outputs of the test : One set of results for the target server being monitored

Configurable parameters for the test
Parameter Description

Test period

How often should the test be executed.

Host

The host for which the test is to be configured.

Report DD Total Users

By default, this flag is set to No, indicating that this test will not report detailed diagnostics for the Total Users measure. This means that the test, by default, will not capture and store the details of every user logging into the target server, in the eG database. However, if you want to view the complete list of users logging into the target server, enable the detailed diagnosis capability of the Total Users measure by setting this flag to Yes.

Authorized Users

By default, this parameter is set to none indicating that this test will consider all users as authorized users to login into the target server. However, in some environments, administrators may want only a few users to login into the target server and restrict access for the rest of the users. In such case, administrators can specify a comma-separated list of users who are authorized to login into the target server against this parameter.

DD Frequency

Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD frequency.

Detailed Diagnosis

To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:The eG manager license should allow the detailed diagnosis capabilityBoth the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Current users

Indicates the total number of users who have currently logged into the target server.

Number

The detailed diagnosis of this measure if enabled, lists the name of the users who have logged into the target server and their IP addresses.

Unauthorized users

Indicates the number of users who are not authorized to login into the target server.

Number

The detailed diagnosis of this measure lists the name of the unauthorized users who have logged into the target server and their IP addresses.