Data Loss Prevention

Hi,

I need to pull report for last logon date of the All DLP SPOCS(users) in DLP Enforce.

Can any one help me on this how to pull last login date for users.

 

Thanks.

Is this article answer for your query https://www-secure.symantec.com/connect/articles/introduction-dlp-11-pre-configured-reports

There are two ways to do it. The first involves logging into the DB via SQLPlus and running the following command.

 

Select name,  editdate from ProtectUser;

 

The edit date covers password changes so it’s a relatively good proxy for how active a user has been. Since you may not have the protect database password I would have the oracle admins run this and give you the results.

 

The other way is to look in the tomcat logs for a logon. I used to use programmers notepad (http://pnotepad.org) since it has a find in files function and the latest file the name was in was their last logon time.

The DLP IT Analytics pack (avaialble as a part of your DLP License) has a report called "DLP Auditing - User Action Auditing" and within that report you select the entitity "Login" and then you can further filter it for Role or Username to provide the login information without having to grep the Tomcat logs or run a SQL query.

See attached screenshot

 

SET LINESIZE 4000
SET PAGESIZE 10000
SET LONG 20000
SET ECHO ON
SET FEEDBACK OFF
SET TRIMSPOOL ON
SET SERVEROUTPUT ON
SET TIME ON
SET TIMING ON
ALTER SESSION SET NLS_DATE_FORMAT='yyyy-mm-dd hh24:mi:ss';
SET MARKUP HTML ON ENTMAP ON SPOOL ON PREFORMAT OFF
SPOOL %USERPROFILE%\Documents\AuditReport.html
SELECT Max(TIME), USERNAME FROM AUDITLOG WHERE ENTITY='Login' and Action='Successful' Group by USERNAME ORDER BY USERNAME;

SET MARKUP HTML OFF ENTMAP OFF SPOOL OFF PREFORMAT ON
EXIT;

Original Message:
Sent: Nov 28, 2014 03:24 AM
From: Migration User
Subject: pull report for last logon date

Hi,

I need to pull report for last logon date of the All DLP SPOCS(users) in DLP Enforce.

Can any one help me on this how to pull last login date for users.

 

Thanks.