Using Login Notification to create access log

If you have questions or if you want to share your opinion about Aware IM post your message on this forum
Post Reply
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Using Login Notification to create access log

Post by kklosson »

What am I missing on this?

I created a Login Notification and in the Rule for when the notification is created, I added statements to CREATE an access record for the person logging in. So far, nothing. Am I correct in assuming that the Login Notification is created with each Login? Does the Notification have to be SENT (I tried that too)? I'm missing something here about when this notification occurs.

I don't see login notifications being used in any of the same apps. No help there.
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

Following login notification rules work for me:

1) Creates a log of users and updates certain attributes of the LoggedInRegularUser BO:
CREATE UsersLog WITH UsersLog.IpAddress=LoginNotification.RemoteAddress,
UsersLog.Name=LoginNotification.LoginName,
UsersLog.Time=CURRENT_TIMESTAMP,
UsersLog.LogType='Login',
UsersLog.AccessLevelName=LoggedInSystemUser.AccessLevel

LoggedInRegularUser.LastLoginTime=CURRENT_TIMESTAMP

LoggedInRegularUser.LastRemoteAddress=LoginNotification.RemoteAddress

INCREASE LoggedInRegularUser.NbrLogins BY 1


2) Sends an administrator a message that a user has logged into the system. This can be enabled / disabled via a SystemSetting:
If SystemSettings.EmailLogins='Yes'
Then
SEND OutgoingEmail_Admin_UserLoggedIn TO SystemSettings

Tom
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

Hmmm. That seems to be what I'm doing. I have a rule to create the Access Log record in the Login Notification. I can't get much from the log either.
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

So my rule is simply:

CREATE AccessLog WITH
AccessLog.Candidate=LoggedInCandidate,
AccessLog.DateTime=TIMESTAMP(),
AccessLog.IPAddress=LoginNotification.RemoteAddress,
AccessLog.LoginID=LoginNotification.LoginName

I don't even see anything being logged...
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

Feel free to post your rule.

I'm assuming you are placing the rule in the section "When LoginNotification is received"

Tom
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

I'm thinking you are putting the rule under AccessLog BO instead of the LoginNotification.
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

No, I'm placing it in When Created, though I tried the other.

Do system settings need to be set to email logins?
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

This is all I have in the log...

-Exception while calculating the action CREATE AccessLog WITH AccessLog.Candidate=LoggedInCandidate,AccessLog.DateTime=TIMESTAMP(),AccessLog.IPAddress=LoginNotification.RemoteAddress,AccessLog.LoginID=LoginNotification.LoginName
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

It should be in the "When LoginNotification is received" section.
Do system settings need to be set to email logins?
Yes, you need to create a SystemSettings instance in the BO and the SystemSettings BO needs to be intelligent to send emails of logins.

Tom
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

TIMESTAMP(),
If you look at my rule, the proper syntax is CURRENT_TIMESTAMP
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

Well,

I don't need to send any emails, I just want to log the even in the database.

On TIMESTAMP, I found that the rule would not validate with ()

This may be the heart of the problem...
Top
tford
Posts: 4238
Joined: Sat Mar 10, 2007 6:44 pm

Post by tford »

Since you seem to be interested in Login stuff, I use the following rules to:
1) I keep a log of bad login attempts
2) I get an immediate email when it occurs so that I can contact a user that is having a problem.



Place the following rule in the "When LoginAttemptNotification is received" section of LoginAttemptNotification

If EXISTS SystemUser WHERE (SystemUser.LoginName=LoginAttemptNotification.LoginName) Then
CREATE UsersFailedLogins WITH UsersFailedLogins.IpAddress=LoginAttemptNotification.RemoteAddress,UsersFailedLogins.Name=LoginAttemptNotification.LoginName,UsersFailedLogins.Time=CURRENT_TIMESTAMP,UsersFailedLogins.Reason='Invalid Password'

Else

CREATE UsersFailedLogins WITH UsersFailedLogins.IpAddress=LoginAttemptNotification.RemoteAddress,UsersFailedLogins.Name=LoginAttemptNotification.LoginName,UsersFailedLogins.Time=CURRENT_TIMESTAMP,UsersFailedLogins.Reason='Invalid User Name'



I then have a rule for the UsersFailedLogins BO:
If UsersFailedLogins IS NEW Then
SEND OutgoingEmail_InvalidLogin TO SystemSettings



Tom
Top
kklosson
Posts: 1628
Joined: Sun Nov 23, 2008 3:19 pm
Location: Virginia

Post by kklosson »

And there you go...

I was using TIMESTAMP, instead of CurrentTimeStamp.

Made all the difference.

Thank you for helping me through this. You're a big asset!
Top
Post Reply

Return to “General discussion and questions about Aware IM”