vRSLCM Audit – vRSLCM knows what you did last summer

vRSLCM Audit – vRSLCM knows what you did last summer

This post was originally published on this site ---

vRSLCM Audit

 

 

 

 

 

 

 

 

 

 

vRSLCM 2.0 introduces the Audit feature, which enables vRSLCM to track user generated requests and map them to the corresponding users who had triggered these requests. The audit feature not only allows for added visibility but also allows the administrators to minutely comprehend the way in which the system is been used by various users, which in turn allows them to foresee any training and upskilling requirements, more on this later.

To accommodate audit requirements a new ‘Request User IDs’ column has been added to the request page.

http://blogs.vmware.com/management/files/2018/12/word-image-1.png

The ‘[email protected]’ Request User ID, which can be seen in the image above is the default vRSLCM user. If a vRSLCM system is upgraded from version 1.3 to 2.0, the requests which were existing in the system before the upgrade, will show ‘Unknown’ as the Request User ID.

To further enhance the security aspect, vRSLCM now tracks adding, updating and deleting users and groups with minute details of the roles with which these users or groups were added/updated.

http://blogs.vmware.com/management/files/2018/12/word-image-2.png

Also, creation or deletion of Data Centers is monitored in the form of requests.

http://blogs.vmware.com/management/files/2018/12/word-image-3.png

Enhancement of filters on request page

As a part of the audit feature enhancement, vRSLCM has enhanced its request page filters to allow administrators to study user triggered actions and enhance efficiency. For instance, you can filter all requests with ‘Failed’ status for a certain user and analyse the reason behind their failures and take preventive actions, to avoid similar failure re-occurrences.

Observing from a pattern, one can also interpret which requests are most frequent, giving as insight into how the system is used by different users. Further, depending on the success or failure rate of the requests, the administrator can understand the area in which the users might need more training, to ensure single shot success for each action.

a. Select ‘Failed’ as the ‘Request State’:

http://blogs.vmware.com/management/files/2018/12/word-image-4.png

b. Select the desired ‘Request User ID’, for instance I have selected ‘[email protected]

http://blogs.vmware.com/management/files/2018/12/word-image-5.png

c. Final outcome:

http://blogs.vmware.com/management/files/2018/12/word-image-6.png

The ‘Request Type’ filter by default filters-out the system generated requests and shows the requests for the past one week. The time duration can be modified using the ‘Last Updated’ filter.

Exporting vRSLCM requests as CSV

The vRSLCM request information is not only available in the request page but can also be exported to a CSV file which can be shared with users who might not have access to vRSLCM.

Steps to Export Requests to a CSV:

1. Click on the request icon in the left panel to navigate to the requests page:

http://blogs.vmware.com/management/files/2018/12/word-image-7.png

2. Click on Export button, select ‘All Requests’, if you wish to export all requests in the system as a CSV, else select ‘Filtered Requests’ which exports the requests after applying the filters currently chosen on the request page.

http://blogs.vmware.com/management/files/2018/12/word-image-8.png

3. Allow the system some time to export the requests, the time taken could vary depending on the number of requests in the system:

http://blogs.vmware.com/management/files/2018/12/word-image-9.png

4. Once the report is generated, the ‘Download Report’ button is enabled. Click the ‘Download Report’ button to download the exported file.

http://blogs.vmware.com/management/files/2018/12/word-image-10.png

The exported CSV file will only contain vRSLCM requests which existed in the system before the export button was clicked. New Requests which were created while the export request was getting processed will not be a part of the CSV.

Troubleshooting Scenarios with Audit

The Audit feature also enables administrators to investigate activities which might have led to an issue.

For instance, in the below screen shot it can be seen that the system has run out of disk space, but you as the admin are not aware why this might have happened.

http://blogs.vmware.com/management/files/2018/12/word-image-11.png

The Admin navigates to the request page, from the screen shot below it’s evident that a user with the user id ‘Auto.admin’ downloaded all ‘My VMware’ products, which made the machine run out of space.

http://blogs.vmware.com/management/files/2018/12/word-image-12.png

Similarly, other issues too can be scrutinized, for instance the admin notices that VRA is not working. On navigating to the request page, it can be observed that the certificate for VRA was replaced by ‘Auto.admin’ user.

http://blogs.vmware.com/management/files/2018/12/word-image-13.png

The admin can now reach out to ‘Auto.admin’ user and understand why the certificate was replaced and the reason as to why the certificate is causing an issue with vRA.

Is there some other area in vRSLCM, you wish there was a blog on? If so, leave it in the comments section and we will make it happen!

The post vRSLCM Audit – vRSLCM knows what you did last summer appeared first on VMware Cloud Management.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.