Hello George,
Under ibm-common-services namespace are the auth-idp and auth-pdp pods which are the authenticator services, those does not record user login activity
Under Cloud Pak for Security namespace is the isc-entitlement pod log same:
{"level":"info","label":"CP4SControllerBase","message":"entering getChangeLogSequence
Those pods log users' activity, however, it is hard to determine if was a login activity, cause the same log sample comes up when you access some of the CP4S tabs, for example, case management and when you create a case.
For now auditing user login is hard to track.
Eddie Melendez.
IBM Qradar Suite Support.
------------------------------
Eddie Andres Melendez Monge
------------------------------
Original Message:
Sent: Wed December 20, 2023 06:31 AM
From: George Petkakis
Subject: Setup Authentication Logging
Hi.
Is there a way to monitor authentication logs on Cloud Pak for Security?
Officially i cannot find anything.
I want to monitor logs like who logged into Cloud Pak , what url he searched, etc...
If someone did something relative or custom i guess.
Thanks in advance.
------------------------------
George Petkakis
------------------------------