8 The OCSS Activity Log Tab

The Oracle® Communications Security Shield (OCSS) Activity tab provides a view of user activity to help with troubleshooting and audits. You can see logged activity such as configuration changes to access control lists, threshold parameters, and on-premises software components.

The OCSS User Activity Log Tab Display and Operations

The Oracle® Communications Security Shield (OCSS) Activity log tab displays logs that you can search for selected activities on specified dates.

The following screen capture shows the Activity Log tab. The left pane shows the filters and actions that you can use and the center pane shows examples of the logs. The Activity Log can display up to 1,050 logs, which you can view by scrolling down the page.

This screen capture shows the Activity Log page with the navigation pane on the left and examples of the logs in the center pane.

Log Descriptions

In the center pane, the Activity Log shows the following information sorted by timestamps in ascending order in a scrollable list.
  • Timestamp—Shows the date, time, and time zone of the log entry.
  • User—Shows the name or email address of the user who performed the action on the date of the timestamp.
  • Device—Shows the IP address or name of the device that the user's action affected.
  • Category—Shows the log category. Access Control Lists | Autonomous Threat Protection | Reputation Score Classification | Configuration Wizard.
  • Object ID—Shows the name of the affected object within the Category, for example, a phone number on an Access Control List or an enforcement action on a Telemarketing Call Classification.
  • Action—Shows the action performed on the affected object. Add | Edit | Delete.
  • Activity Details—Shows the details of the action performed on the object, including both the former value and new value. Click the twister control to the left of the Timestamp to see Activity Details.

Note:

You cannot remove an activity log. Only the system can remove an activity log, which occurs when the maximum number of logs accrues (100,000).

The following screen capture shows an example of an expanded log, showing the activity performed by the user. The Activity Details show the name of the affected configuration parameter, which is Enforcement Action in this example, and the Old and New values for the parameter. The new enforcement action is Redirect, so the Activity Details also shows the phone number entered as the redirect target.

This screen capture shows the center pane of the Activity Log tab. One log is expanded to show the Activity Details that correspond to the log. The details show the name of the affected configuration parameter, which is Enforcement Action. The details show the Old value and the New value set for Enforcement Action. In the example, the new enforcement action is Redirect, so the details also show the phone number entered as the redirect target.

The Activity Log builds the results of a searches dynamically, where the search results show only users and categories for which a logged event occurred. For example, suppose you search for UsernameAbcd@companynameXyz.com and UsernameAbcd@companynameXyz.com did not perform any logged event in the timeframe you selected for your search. The results page will not display UsernameAbcd@companynamexyzin the results list. The same behavior applies to searching by category, where the results display only the categories in which a logged event occurred.

Search the Activity Log Using Filters

To help you find logs, the left pane of the Activity Log tab displays filters for a specific date, date range, user, category, and user action. You can set and reset the filters in real-time because each time you set or reset a filter, the system refreshes the results in the center pane.

You can set multiple filters and you can change or clear them, as needed.

Note:

The Search with filters function does not support saving searches.
  1. Access the Activity Log tab.
  2. In the left pane, set any of the following filters.
    • Date Range—Click one of the presets for the last 24 hours, last 7 days, or last 30 days or set a custom date range with the date picker. Note that the date picker calendar does not allow you to select a date more than 90 days before the current date. The Date Range selector defaults to Custom when you first open the Activity Logging tab and also after you click Clear.
    • User—Search for logs by user name. A user can be a person or the system. If you select a user and decide not to search by user, click Select a User to clear the selection. (You do not need to click Clear at the top of the navigation pane to clear the user search.)
    • Category—Search for logs by configuration type such as Topology, Call Type Classification, Config Wizard, Access Control Lists, Reputation Score Classification, and Autonomous Threat Protection.
    • Action—Search on actions such as Add, Edit, and Delete.
  3. View the logs in the center pane and click the twister by the timestamp to see the details of each one.

Search the Activity Log Using the Object ID

At the top of the center pane, the Activity Log tab displays the Search Object ID text box to help you find activity logs for a certain object that the Oracle® Communications Security Shield (OCSS) logs. The term "Object" can refer to a call classification type, the name of a system in your network, an Anonymous Threat Protection setting, a phone number, or the name of an Access Control List.

Before You Begin
  • Find the object ID, such as the name of an object within the Category, for example, a phone number on an Access Control List or an enforcement action on a Telemarketing Call Classification.
Use the following procedure to save time searching when you know the Object ID.
  1. Access the Activity Log tab.
  2. In the Search Object ID text box, enter the Object ID. The text box is not case sensitive.
    The center pane displays the results in a list that you can scroll.