Skip to main content
Version: Axidian Privilege 3.2

All Sessions

The section is intended to search and view active and finished sessions.

By default, the page displays 15 sessions.

info

You can change the default number of sessions on a page in the configuration file.

At the bottom of the page there is a paginator to view the remaining sessions.

Next to the paginator there is a switch Show by: 15 30 60 100 to see more sessions on a page and not switch between pages too often.

If there are fewer than 15 sessions, they are placed on one page and Show by switch with paginator are not displayed.

The search allows you to display only those sessions that meet the specified criteria. There are two types of search:

  • Quick search is a search bar. You can only search by one criterion. Text input.
  • Extended search is a form with several fields. You can search by several criteria at once. Dropdown lists.

You can enter one or several words into the search bar. Words can be written in whole or in part (3 or more letters).

Example

To find a session with the reason Program update approved by the manager you need to enter any of the words: Prog, upd, appr, manag.

caution

You can't enter the trailing substring of the word to the search bar. If you enter the date (the trailing substring of the word update), this session will not be found.

You can search for a session using two words, e.g. Prog upd, upd appr, appr manag.

caution

The words in the search query must be in the same order as in the reason for opening the session. If you enter the upd prog, the session will not be found, because these words follow in the opposite direction in the reason for opening the session.

The words in the search query must match the words that were next to each other in the reason for opening the session. You cannot enter words that have other words between them in the reason for opening the session. If you enter the prog manag, the session will not be found, because there are some other words between these words in the reason for opening the session.

States and reasons of session termination
State
Reason
Terminated due to error
  • Lost connection with PAM Gateway
  • An error occurred during the session
  • SSH key fingerprint mismatch detected
Terminated according to PAM rules
  • Maximum session duration reached
  • Permission has been revoked
  • Permission has been suspended
  • Access Schedule or Permission Period Limit reached
  • User has been blocked
  • User has been removed
  • User has terminated the session
  • Absence of user activity
  • Session request timeout has expired
  • The session has not been opened by PAM Gateway
  • Session text log change detected
Terminated by administrator
  • Administrator has terminated the session
  • Administrator rejected the session request
Terminated by userUser has terminated the session
Interrupting

Active

Not initialized

You can search by one or several criteria. If you select several criteria, sessions that meet all of the listed criteria will be displayed.

Example

If you select john.smith@company.demo in the User field and SSH in the Connection Type field, then only sessions of this user with this connection type will be displayed.

caution

Only one value can be selected in each field. You will not be able to display the sessions of the users john.smith@company.demo and james.smith@company.demo by one extended search query. You can do this using a text search for the query smith.

Dumping the Session Log to a File

Session log can be unloaded into two types of files: CSV and XSLX. To download the log, click on the corresponding button.

The report is generated in the form of a table with columns: "User", "Account name", "Resource", "Duration", "Connection type", "Started at", "Finished at", "Status".

Only the last 10,000 records are dumped.

Session Page

The following data is displayed for each session:

  • User — the user of the Active Directory that initiated the session.
  • Account — an account that is used to open an RDP, SSH, or web session.
  • Resource — a resource on which RDP, SSH or web-session was opened on behalf of the account.
  • Connection address — resource IP address.
  • Reason — is the reason for connecting to the resource.
  • Duration — the duration of the session in hours, minutes, and seconds.
  • Connection type — the type of connection to the resource that is used by local or domain accounts to open a session.
  • User's IP — The IP address from which the user connects to PAM Gateway, SSH proxy or RDP Proxy.
  • Connected to PAM — the date and time the user connected to Axidian Privilege.
  • Opened on resource — date and time of session opening on the resource.
  • Finished — the date and time of closing the session.
  • State — the current state of the session.
  • Description — the description of the permission specified at the stage of creation.
  • Created at — the date and time the permission was created.
  • Created by — Axidian Privilege Administrator Account.
  • Confirmation time — the date and time the session request was confirmed.
  • Confirmed by — Axidian Privilege administrator who confirmed the session request.