| Action | This is the intended action for a received request. Examples are: |
| Application Name | The name of the authenticator application. |
| Area | The functional area of the audited component, where the audit message was recorded. Example: - Microsoft Active Directory Search
|
| Audit Location | The location of the audit message source. This is typically an IP address or a host name. |
| Audit Version | The revision of the auditing format. |
| Back-End Authentication | The back-end authentication protocol ID; value can also be "None". |
| Characteristics | A space-separated list of keywords indicating characteristics of interest. Example (in case of a connection attempt): |
| Client Location | When the client machine is not the source of the audit message, this field displays the location of the client. |
| Client Type | The client component type. |
| Command | The name of the command that triggered the relevant audit process. |
| Configuration Details | Detailed information about the configuration settings. |
| Credentials | The credentials that were entered for the connections / authentication attempt. Examples: |
| Data Source Location | The location of the data source, for instance the path and/or file name, if the data source is a file. |
| Data Source Type | The type of the data source, for instance a file or a registry. |
| Delivery Destination | The destination to deliver a message to (via Message Delivery Component). |
| Delivery Method | The method used to deliver a message (via Message Delivery Component). |
| Description | The description of the audit message. |
| Domain | The domain name. In case of an administrative command, this is usually the domain of the administrator. The domain of the targeted user is stored in Target Domain. |
| Downtime | The duration (in minutes) of downtime of a RADIUS back-end. |
| DIGIPASS type | The type of authenticator, for instance Digipass 300. |
| Elapsed Time | The time in milliseconds that passed since the operation started. Note that you do not need to enable performance monitoring to capture the elapsed time, but not every audit message includes it. This field is shown in the Audit Viewer application, but not in the Administration Web Interface. |
| Epoch Certificate | The certificate of the current epoch. |
| Epoch ID | The identifier of the current epoch. |
| Epoch Sequence Number | The sequence number of the audit message within the current epoch. |
| Epoch Version | The revision of the secure auditing format. |
| Error Code | The error code for the audit message. |
| Error Details | The full dump of the error stack. |
| Error Message | The string representation of the error code. |
| Expiration Date | The expiration date related to the audit message subject, for instance the expiration date of the grace period. |
| Fields Details | "All Fields" or list of fields returned by the executed query. |
| From Location | The source location for a particular process, for instance when something is moved. |
| Info Message | The message returned by an external component. Example: |
| Input Details | Detailed information about the request parameters and/or attributes. |
| IP Address | The IP address of the client related to this audit message (only in case the client is not the source of the audit message). This field is usually set only, if Client Location is specified. |
| Local Authentication | Indicates if local authentication was performed. |
| Mobile Number | The mobile phone number to send a message to (via MDC). |
| Object | The name of an object that is related to an audit query or command. |
| Offline Data Details | The details of the offline data for the relevant audit message. |
| Offline State Data | The offline state data for the relevant audit message. |
| Operation | The operation that was attempted or processed when the audit message was recorded. |
| Outcome | The outcome of an attempt of RADIUS authentication. Examples: |
| Output Details | Detailed information about the response parameters and/or attributes. |
| Password Protocol | The protocol used for password encoding. Examples: - PAP
- CHAP
- EAP-MD5
- MS-CHAP1
- MS-CHAP2
|
| Policy ID | The identifier of the policy handling the request. |
| Protocol | The identifier of the communication protocol used. |
| Quota | The value of a quota related to the audit message subject. Example: |
| RADIUS Input Octets | Acct-Input-Octets: the number of bytes received for an account input request during the RADIUS accounting session. |
| RADIUS Output Octets | Acct-Output-Octets: the number of bytes sent for an account output request during the RADIUS accounting session. |
| RADIUS Profile | The RADIUS profile used for setting up OneSpan Authentication Server, and for the RADIUS back-end. |
| RADIUS Status Type | The Acct-Status-Type field from the RADIUS accounting packet. Typically indicates beginning and/or end of an accounting session. |
| Reason | A short phrase indicating the reason for a failure. |
| Request ID | The request identifier. Example: |
| Request Type | The type of packet. Examples (for a RADIUS protocol): - "Access-Request"
- "Access-Accept"
|
| Serial Number | The serial number of the authenticator. |
| Server Location | The location of the server, typically an IP address or host name. |
| Session ID | The session identifier. |
| Session Time | The duration (in seconds) of the session. |
| Signature | The cryptographic signature of the audit message. |
| Target Domain | This is the domain of the user targeted by an administrative command. |
| Target User ID | This is the user ID of the user targeted by an administrative command. |
| Task Description | The description of the task. |
| Task Execution Time | The time that was required to complete the task. |
| Task ID | The task identifier. |
| Task Result | The result of the task. |
| To Location | The destination location for a particular process, for instance when something is moved. |
| User ID | When the user ID refers to an OneSpan Authentication Server user account, this is the exact user ID. In case of an administrative command, this is usually an administrator. The targeted user is stored in Target User Id. |
| User Link | The user ID of the user account linked to this user account. |
| User Location | The location (IP address) of the user's client device. Examples: - RADIUS calling-station-ID
- HTTP browser/client address
|
