Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

LMS 3.2 audit trail problem

Dears,

I am using LMS 3.2.

And I found that if I delete a device in Common Service using a user(not admin).

Then go to RME report generator to create a audit trail report.

The report show that the device was deleted by "admin".

But I tried to add that device again, it will show the device was added by a user(not admin).

Is this a bug or what ? any one has encounter this senario?

Thanks for any reply.

Everyone's tags (8)
6 REPLIES
Cisco Employee

Re: LMS 3.2 audit trail problem

If admin your System Identity User?  Are you deleting the device from RME directly, or from DCR?

Community Member

Re: LMS 3.2 audit trail problem

Yes, admin is the system default identity user.

I delete the device in DCR(common service) not in RME.

Because I found that recently I add device into DCR.

It won't automatedly populate to RME and DFM.

What else should I do to correct this?

Re: LMS 3.2 audit trail problem

I see this too.

The audit report in common services shows who deleted it. Not sure what would happen if someone in Campus would delete them.

Wonder if this info should flow to RME or if RME should indicate it was deleted in module 'xx' hence point to audit report in that module.

It confuses my customers for now.

To check if new devices go from DCR to a module verify if "auto allocation" is on.

Cheers,

Michel

Cisco Employee

Re: LMS 3.2 audit trail problem

I haven't tested this yet, but I believe RME is showing you the System Identity User since that is the username used for inter-process communication.  When you remove the device from DCR, DCR sends a message to RME to let RME know the device needs to be deleted.  That message comes from the System Identity User.

I believe this problem will go away in LMS 4.0, but I will confirm.

Community Member

Re: LMS 3.2 audit trail problem

Thanks for your reply. I have done some tests.

If I enable Auto Mode in Auto Allocation.

Add device in DCR with non-admin user.

     ->Audit trail report shows it was added by admin

Delete device in DCR with non-admin user.

     ->Audit trail report shows it was deleted by admin

If I disable Auto Mode in Auto Allocation

Add device in DCR with non-admin user.

Add device in RME from DCR with non-admin user.

     ->Audit trail report shows it was added by non-admin user

Delete device in DCR with non-admin user.

     ->Audit trail report shows it was deleted by non-admin user

A conclusion from the tests:

If I enable auto mode in auto allocation, then the audit trail is useless.

Because whatever I've done, it show admin anyway.

Is this a bug or what? anyone has the same situation?

Cisco Employee

Re: LMS 3.2 audit trail problem

This is expected since the transactions are happening with the System Identity User.  The DCR audit log under Common Services > Device and Credentials > Reports should have the proper accounting info.

457
Views
0
Helpful
6
Replies
CreatePlease to create content