Searching the log file for ID vault events

Most vault user and server operations generate entries in the server log files (LOG.NSF) and in the Domino® Domain Monitor database (DDM.NSF). You can use criteria to search ID vault events in the log file and generate a report of the results.

Procedure

  1. From the Domino Administrator, click the Server > Analysis tab.
  2. Click Tools > Vault Security Log.
  3. Specify search criteria using any of these tabs: Range (date), Data (user name, vault name, server name, IP address), Words, and Security Level.
  4. Optional: Use the Queries tab to name and save the specified search query so you can repeat the same search in the future. To repeat the search in the future, click Queries and select the named query.
  5. Click OK to perform the search.

Results

Results are reported to the Security Log Analysis Results view of the log file.

Examples include the following:

  • Search for all ID vault events within the past week involving a specific user name. (Criteria tabs: Range and Data)
  • Search for all ID vault events within the past month involving a specific IP address (Criteria tabs: Range and Data)
  • Search for all ID vault events today containing the word "download" (Criteria tabs: Range and Words)
  • Search for all ID vault events today of severity level Critical, Warning - high, Warning - low (Criteria tabs: Range and Security Level.)