Skip to content

ACCESS_SESSION_TERMINATED Audit Event

Endi S. Dewata edited this page May 31, 2023 · 3 revisions

Overview

The ACCESS_SESSION_TERMINATED audit event is generated when the secure connection between PKI client and PKI server is terminated.

Properties:

  • ClientIP: Client’s IP address

  • ServerIP: Server’s IP address

  • SubjectID: Client certificate’s subject DN

  • Outcome: Success

Examples

Use CLI to authenticate as admin user:

$ pki -n caadmin ca-user-find

The server will generate the following events:

[AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP=10.34.78.30][ServerIP=10.34.78.3
0][SubjectID=CN=PKI Administrator,[email protected],OU=pki-tomcat,O=EXAMPLE]
[Outcome=Success][Info=CLOSE_NOTIFY] access session terminated
Clone this wiki locally