Searching; Running An Event Search; Basic Search - Novell IDENTITY AUDIT 1.0 - GUIDE Manual

Searching

6
Novell Identity Audit provides the ability to perform a search on events. The search includes all
online data currently in the database, but internal events generated by the Identity Audit system are
excluded unless the user selects Include System Events. By default, events are sorted based on the
search engine's relevancy algorithm.
Basic event information includes event name, source, time, severity, information about the initiator
(represented by an arrow icon), and information about the target (represented by a bull's-eye icon).
Event Fields
Figure 6-1
Section 6.1, "Running an Event Search," on page 47
Section 6.2, "Viewing Search Results," on page 49
Section 6.3, "Event Fields," on page 52

6.1 Running an Event Search

Users can run simple and advanced searches.
Section 6.1.1, "Basic Search," on page 47
Section 6.1.2, "Advanced Search," on page 48

6.1.1 Basic Search

A basic search runs against all of the event fields in
searches include the following:
root
127.0.0.1
Lock*
driverset0
NOTE: If time is not synchronized between the end user machine and the Identity Audit server (for
example, one machine is 25 minutes behind), you might get unexpected results from your search.
Searches such as Last 1 hour or Last 24 hours are based on the end user's machine time.
1 Click the Search link on the left.
Table 6-1 on page 52. Some sample basic
6
Searching 47