Intelligent netflow for user activity tracking

Hi All,
I am looking for a netflow system that can track a specific users activity on the network.
What I am looking for is a system that can take the netflow information and create a link from the IP information to a user or website/server so that you can search for a user and get a complete overview of the users network communication.
Anyone know of such a product?

Scrutinizer can do this.  This blog explains how we grab the log but, we can also launch a page for a specific IP address. 
 

Similar Messages

  • Query for 'User Activity' Webi Line Chart using BO4.0 Auditor

    Need to create a webi line chart to measure  ‘user activity’ per month, year or day using BO4.0 Auditor on Oracle.    
    This question raises two sub-questions:
    What actions constitute user activity?  Is it concurrent logins by users?   I am confused if that would really give a true picture of user activity as users can log in and do nothing on the BO system.  
    If concurrent logins do in fact give a true picture of user activity then how do I go about creating a chart? What objects do I need to include in query?
    Please provide feedback?
    Thank u.

    Hi Ramil,
    Follow below steps to create a webi report for your requirement, launch Webi rich client and create a new webi report by selecting "BOEXI40-Audit-Oracle" (Audit universe)
    1) Select below objects in 'Result Objects' pane
    [Event Year], [Event MonthName],[Event DayofMonth], [Event Type], [User Name], [Total Event Count]
    2) Define below conditions in "Query Filter" pane
    [Event Type Id] In list 1015 AND [Event Year] In list "Select Year" (Prompt)
    3) Run query
    4) At report level create a new variable of type measure with the name "User Activity" with below formula
    =Count([Total Event Count]In([User Name];[Event MonthName];[Event DayOfMonth]) )
    (This formula will track  logout event of a each user in a day as well as in a month, it will take/count only one log out event of the user in a day as you desire)
    5) Create a table block as well as graphs as you desire
    i) For day wise user activity create a table/graph using: [Event DayofMonth], [User Activity]
    ii) For month wise user activity create a table/graph using: [Event MonthName], [User Activity]
    Let me know if you have any questions
    ~Manoj

  • Can't find App for an activity tracker is AUS store..only available on US store

    I just bought a wireless tracker from the US.
    I live in Australia.
    The recommended app to use is from the US store but I only have an account in the Australian app store.
    I tried to sync it via bluetooth but my iPhone can't find the device.
    It doesn't mention anywhere on the product that it is only for use in the US.
    Any suggestions on how I can access the app(or one that will work with the tracker) via an Australian App store?
    The product is by Sharper Image and it's called a Wireless Activity Tracker #STRX10
    Thanks

    It does appear the app is no longer in the App Store.  Best advice would be to contact iTunes support:
    http://www.apple.com/support/itunes/contact/

  • Signal name for user activity, whether random button pressed or any other?

    Hey,
    what's the signal name for a random key-press-event or mouse button clicked or even mouse moved. Any user activity would to just fine. I'm trying to use this in conjunction with the waitfor command.

    Batch files have no ability to detect keyboard or mouse events other than the "pause" command.

  • Should I monitor the SQL Server tempdb for user activity?

    I am currently auditing all databases on SQL Server 2008 R2 for specific events ( database accounts related activity) . I get alot of events generated for
    tempdb. I am monitoring the following events 47, 102, 103, 104, 105, 108, 109, 110, 111, 113, 117, 130, 170, 171, 173, 176 is what I am monitoring.
    Do I need to monitor tempdb or is it alright to exclude the
    tempdb?
    Thanks in advance.

    What is your tempdb configuration? Is it located on separated physical drives? Are you observing bottleneck on tempdb?
    --user sessions that are
     --allocating internal objects, including currently active tasks
    SELECT  
        t1.session_id, 
        (t1.internal_objects_alloc_page_count + task_alloc) as allocated, 
        (t1.internal_objects_dealloc_page_count + task_dealloc) as     
        deallocated  
    from sys.dm_db_session_space_usage as t1,  
        (select session_id,  
            sum(internal_objects_alloc_page_count) 
                as task_alloc, 
        sum (internal_objects_dealloc_page_count) as  
            task_dealloc  
          from sys.dm_db_task_space_usage group by session_id) as t2 
    where t1.session_id = t2.session_id and t1.session_id >50 
    order by allocated DESC
    the allocation bottleneck is caused 
    when allocation structures are accessed
     by concurrent threads in conflicting modes. 
    Since the database id of TempDB is 2,
     the search argument ‘2.%’ represents any page 
    in TempDB across any file. If this page happens 
    to be GAM, SGAM or PFS, it will represent allocation bottleneck. 
    Note, in a concurrent application, some blocking is expected so
     you will need to baseline the allocation waits when your 
    application is performing normally. 
    Only when the waits exceed the baseline significantly,
     it signals that you are incurring allocation bottleneck.
    select   session_id, wait_duration_ms,   resource_description 
          from    sys.dm_os_waiting_tasks
          where   wait_type like 'PAGE%LATCH_%' and
                  resource_description like '2:%'
    Best Regards,Uri Dimant SQL Server MVP,
    http://sqlblog.com/blogs/uri_dimant/
    MS SQL optimization: MS SQL Development and Optimization
    MS SQL Consulting:
    Large scale of database and data cleansing
    Remote DBA Services:
    Improves MS SQL Database Performance
    SQL Server Integration Services:
    Business Intelligence

  • How to track activity for users logged in using solman to target systems?

    If a person accesses a monitored system through solman, how can we track the user activity (including transactions viewed and changes made etc)?
    Thanks
    Prasad

    Hi Prasad,
    Please refer the following similar threads to get more detailed Information:
    STAD parameter
    STAD Historical Data - How Long?
    STAD -  data for last  30 days
    Also check this useful Blog about STAD(/people/andreas.vogel/blog/2007/01/12/statistical-records-part-1-inside-stad) and SAP Note 139418 - Logging user actions.
    You can also configure and activate the Security Audit Log (SM19) and then analyze its entries through SM20. You can configure exactly what needs to be tracked...
    Useful transactions:
    SM19 (config)
    SM20 (analyze) (SM20N , depending on release)
    SM18 (delete old logs)
    Other SAP Note which is helpful in this case 539404 - FAQ: Answers to questions about the Security Audit Log
    Hope this helps.
    Regards,
    Shyam.

  • Track User Activity

    Hello,
    I need to be able to track our user activity in a company intranet.  I need to track when and capture the user name of the employee to a database so that I can build reports from it.
    This is more than web statistics. I need to be able to verify that the user actually visited the page.
    Any ideas and tips would be greatly appreciated!  I can't find an extension that works with ASP to help me with this.
    Crystal

    As much as I believe in Dreamweaver for corporate intranets, due to the typical structure, your best bet is Sharepoint Server with Sharepoint Designer.  You can track by the network login and do many things that would take a lot of programming for a Dreamweaver based site and it supports ASP much better than DW ever will because ASP is made by MS.

  • Tracking user activity (including objects/records/data viewed)

    Hello everybody,
    I am looking for information regarding monitoring of user activities on the system.
    I know the main instrument to achieve that is the security audit log (sm19/sm20) but that does not monitor the data user accesses to. I.E., they log the user launches transaction su01 (view/modify user data), for example, but not which user data he looks at.
    Insufficient to get that are also STAD/STAT transactions too, maybe user trace st01 or st05 give that data?
    Even in that case however a user trace would be very heavy on the performances and on the occupied disk space I think, so I am wondering, and asking all the experts, is if there are standard transactions to achieve the same, or maybe even external 3rd party programs.
    Thank you
    Marco Baiocco

    > Unfortunately that is not yet really clear even to me.
    I see...
    > I have been passed a generic request to investigate upon tracking mechanisms: the customer wants to be able to know which user have made logon and on which data they have worked (in read only and in modification).
    > I guess this could imply sensitive data but possibly also business data.
    The question to be answered also is: Is it legal in the country to track all the user activity?
    > If there is a solution for sensitive data, at least (btw su01 was just an example)?
    I'm not really aware of any but Security Audit.
    I would ask the customer what exactly he wants and what he plans to do with the data. There are SAP products (GRC) to help auditing and securing the system but first there must be a clean requirement to find out, which way to go.
    Markus

  • Tracking User Activity with Standard Web Logs and Tools Like WebTrends

    We are running EP 6 SP14 on UNIX and I'm looking to track user activity.  Not just how many people have logged in, but who is accessing what documents in KM.  For example, what documents are the most popular and how much use the system is getting.
    I was hoping that EP 6 (Unix platform) ran off us some standard web engine (like Apache) and we could just turn web logs on, but from the lack of discussion on SDN, I'm not encouraged.
    All I've seen is unofficial link to a Portal Activity Report, which would get us part of the way, but is not full web reporting.
    Portal Activity Report:
    https://www.sdn.sap.com/irj/sdn?id=/library/uuid/0101b690-0201-0010-6584-a02730ad5edd
    Does anyone have any insight on this?

    HI llise
    Did you get any answers? We are in the same quandry as the exisitng tracking reports are not sufficient for our needs as our users are used to using more sophisticated tools like livestat.

  • I want to open excel spread sheets make additions and export back to pc users.  Is numbers suitable for this activity?

    I want to open excel spread sheets make additions and export back to pc users.  Is numbers suitable for this activity?  I am using a MACBook Air

    just read this in an other answer:
    Pages can open docx files, Numbers can open xlsx files. Each can export to  can export .doc or .xls to the newest Word or Excel format.respectvely, but not to the more recent .docx or .xlsx.
    Translation is not perfect in either direction. Numbers and Excel handle some similar features (eg. pop-up menus vs data validation) differently, and the translator cannot translate from one implementation to the other.
    If much of your work is going to be transferred between your machine and Windows machines running either MS Excel or MS Word, with editing taking place at both ends of the tunnel, then you'll probably be better off with Office, or one of the Office clones on the Mac end.

  • How do I create Local Network Home Folders for Users from an Active Directory binding?

    My situation is this... I run an iMac lab at my school.  I have a server set up to manage the network user accounts in the lab.  Currently, I can sucessfully create Local Network Users and log in to them from any of the iMacs.  My school has an Active Directory set up for all the students on campus.  What I'd like to be able to do is configure the server to allow the students to use their user names and passwords from their school accounts to log in to the iMacs and have it automatically build a network user folder on the server for them to use during the lab. 
    So far, I have been able to configure access for the Active Directory accounts to use the services on the server, mainly File Sharing, but I cannot figure out how to allow them to log into a user account on the client's machines using their same Active Directory credentials.  I have even attempted to allow the user accounts to create mobile accounts, but that's not working out either.  Entering indivual network user accounts into the server for every student every semester will be a nightmare.  I'm sure there's a way to do it automatically using the exisitng Active Directory structure.
    The live server is running 10.8.5 Server still, but I've also got a clone running OS X Server in case it matters.  Please help!

    ok reinstalled everything dns seems to be working have done sudo changeip -checkhostname and it says that both names match but then i started open directory and can't seem to get Kerberos started, i've tried changing it to stand alone then back again but it does nothing. I'm wondering why this would happen? i've tried adding a kerberos record but it doesn't do it just does nothing so i don't know what i'm doing wrong. I wondered if it might be a problem with the two network cards and dns as on ethernet one it is getting the dns name xserve.xxxx.ac.uk (which matches what the college server wants to call us) but on ethernet 2 gets xserve-2.local because it tells me that it already exists on ethernet one and renames it to this. I need to set up NAT so have ethernet coming in on port one and out again on port two. I wonder if my dns is backwards as its got the 192. address the NAT uses but its linked to the ethernet port one dns maybe this is the problem. would this cause open directory not to start kerberos?

  • Weblogic with Active Directory Authentication provider problem: DN for user ....: null

    I have a java application (SSO via SAML2) that uses Weblogic as a Identity Service Provider. All works well using users created directly in Weblogic. However, I need to add support for Active Directory. So, as per documentation:
    - I defined an Active Directory Authentication provider
    - changed it's order in the Authentication Providers list so that it comes first
    - set the control flag to SUFFICIENT and configured the Provider Specific; here's the concerned part in config.xml:
    <sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
            <sec:name>MyOwnADAuthenticator</sec:name>
            <sec:control-flag>SUFFICIENT</sec:control-flag>
            <wls:propagate-cause-for-login-exception>true</wls:propagate-cause-for-login-exception>
            <wls:host>10.20.150.4</wls:host>
            <wls:port>5000</wls:port>
            <wls:ssl-enabled>false</wls:ssl-enabled>
            <wls:principal>CN=tadmin,CN=wl,DC=at,DC=com</wls:principal>
            <wls:user-base-dn>CN=wl,DC=at,DC=com</wls:user-base-dn>
            <wls:credential-encrypted>{AES}deleted</wls:credential-encrypted>
            <wls:cache-enabled>false</wls:cache-enabled>
            <wls:group-base-dn>CN=wl,DC=at,DC=com</wls:group-base-dn>
    </sec:authentication-provider>
    I configured a AD LDS instance(Active Directory Lightweight Directory Services) on a Windows Server 2008 R2. I created users and one admin user "tadmin" which was added to Administrators members. I also made sure to set msDS-UserAccountDisabled property to FALSE.
    After restarting Weblogic I can see that the AD LDS's users and groups are correctly fetched in Weblogic. But, when I try to connect with my application, using Username:tadmin and Password:<...> it does not work.
    Here's what I see in the log file:
    <BEA-000000> <LDAP Atn Login username: tadmin>
    <BEA-000000> <authenticate user:tadmin>
    <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
    <BEA-000000> <DN for user tadmin: null>
    <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
    <BEA-000000> <DN for user tadmin: null>
    <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User tadmin denied
      at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
      at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    So, I tried to look why do I have: <DN for user tadmin: null>. Using Apache Directory Studio I reproduced the ldap search request used in Weblogic and, sure enough, I get no results. But, changing the filter to only "(&(cn=tadmin)(objectclass=user))" (NOTICE, no userAccountControl), it works; here's the result from Apache Directory Studio:
    #!SEARCH REQUEST (145) OK
    #!CONNECTION ldap://10.20.150.4:5000
    #!DATE 2014-01-23T14:52:09.324
    # LDAP URL     : ldap://10.20.150.4:5000/CN=wl,DC=at,DC=com?objectClass?sub?(&(cn=tadmin)(objectclass=user))
    # command line : ldapsearch -H ldap://10.20.150.4:5000 -x -D "[email protected]" -W -b "CN=wl,DC=at,DC=com" -s sub -a always -z 1000 "(&(cn=tadmin)(objectclass=user))" "objectClass"
    # baseObject   : CN=wl,DC=at,DC=com
    # scope        : wholeSubtree (2)
    # derefAliases : derefAlways (3)
    # sizeLimit    : 1000
    # timeLimit    : 0
    # typesOnly    : False
    # filter       : (&(cn=tadmin)(objectclass=user))
    # attributes   : objectClass
    #!SEARCH RESULT DONE (145) OK
    #!CONNECTION ldap://10.20.150.4:5000
    #!DATE 2014-01-23T14:52:09.356
    # numEntries : 1
    (the "[email protected]" is defined as userPrincipalName in the tadmin user on AD LDS)
    As you can see, "# numEntries : 1" (and I can see as result the entry "CN=tadmin,CN=wl,DC=at,DC=com"  in Apache Directory Studio's interface); if I add the userAccountControl filter I get 0.
    I've read that the AD LDS does not use userAccountControl but "uses several individual attributes to hold the information that is contained in the flags of the userAccountControl attribute"; among those attributes is msDS-UserAccountDisabled which, as I said, I already set to FALSE.
    So, my question is, how do I make it work? Why do I have "<DN for user tadmin: null>" ? Is it the userAccountControl ? If it is, do I need to do some other configuration on my AD LDS ? Or, how can I get rid of the userAccountControl filter in Weblogic?
    I didn't seem to find it in config files or in the interface: I only have "User From Name Filter: (&(cn=%u)(objectclass=user))", there's no userAccountControl.
    Another difference I noticed is that, even though in Weblogic I have set ssl-enabled flag to false, in the logs I see ldaps and not ldap ( I'm not looking to setup something production-ready and I don't want SSL for the moment ).
    Here are some other things I tried but did not change anything:
    - the other "msDS-" attributes were not set so I tried initializing them to some value
    - I tried other users defined in AD LDS, not tadmin
    - in Weblogic I added users that were imported from AD LDS in Roles and Policies> Realm Roles > Global Roles > Roles > Admin
    - I removed all userAccountControl occurrences that I found in xml files in Weblogic (schema.ms.xml, schema.msad2003.xml)
    Any thoughts?
    Thanks.

    I managed to narrow it down: the AD LDS does not support the userAccountControl.
    Anyone knows how I can configure my Active Directory Authentication Provider in Weblogic so that it does not implicitly use userAccountControl as filter?
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)> 

  • No active writeable datasource found for user creation, check your Persiste

    HI SAP Guru's
    Suddenly when I am login in Portal with J2EE_ADMIN or any user , I am getting error
    You are not authorized to access this application; contact your system administrator
    and when I am going to create user in identity management I am getting below error
    Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "No active writeable datasource found for user creation, check your Persistence Configuration.".
    I have searched all related treads in SDN but no success
    Please help.
    Thanks & Regards
    Vinay Patel

    Dear all,
    I was searching the community because I had this same error and there was no answer of how it was fixed. So I'm sending how I fixed today in a customer environment.
    1. Go to portal  http://<portal>/webdynpro/dispatcher/sap.com/tcsecumewdumeadmin/UmeAdminApp
    - select configuration
    - folder "sap system based in abap"
    - do the conection test
    If the test fails, log on in client 001 and change user SAPJSF:
    - assign role SAP_BC_JSF_COMMUNICATION (only this one) and one profile that has permission to RFC logon
    - you can change the password too
    STOP/START ABAP+JAVA
    Go again to the portal above and test connection again. The tests should now be OK.
    2. Go to portal  http://<portal>/irj
    - Log on with administrator user
    Now you should be able to create an user.

  • Issue running a User Activity Report for Lync

    When trying to run a User Activity Report, I am receiving the below error
    An error occurred during client rendering.
    An error has occurred during report processing. (rsProcessingAborted)
    Query execution failed for dataset 'CallList'. (rsErrorExecutingCommand)
    @_Endtime is not a parameter for procedure CdrP2PSessionList.  
    Any ideas on this error?

    If this is happening after applying CU6 then follow
    FIX: Monitoring Server Reports experiences poor performance in Lync Server 2010
    http://support.microsoft.com/kb/2703324
    if it gives any error when trying to update the backend database (in enterprise pool) then provide the -databasepaths parametr as explained at the end in this article
    http://technet.microsoft.com/en-us/library/gg399044.aspx
    DatabasePaths
    Optional
    String
    Specifies the drives and folders where data and log files can be stored; for example: -DatabasePaths "D:\Logs","E:\Data". 
    Gautam.

  • Tracking of user activity in the system

    i'm currently on a project which i need to use BI to track the user  activity on the SAP System example like the time they log in or out, the transaction thay made etc. was juz wondering if anyone can give me some idea, solution or a head start in my project. thanks.

    Hi,
        You could use the tables USR01.....thru USR07 etc.  These tables contain user information like name,login times etc.
    eg .USR07 gives the tcode etc.
         You could create a view to extract the appropriate fields. Then create a datasource using either the view or a function module. You'll have to decide your requirement. Then the rest in BI is pretty standard. The only point should be what data to extract from which tables and how...
    Assign points if useful
    Regards.

Maybe you are looking for