Thanks, Kiran, for the response. One follow-up question. So, if we see these entries in the auditlog:
20180621 09:51:58.680 | 822596db-2a0b-43cb-8c7a-410f4dab48a7 | req | WLA_REST_WADE_SU | admin | read user | NGUYTRA |
20180621 09:51:58.680 | 822596db-2a0b-43cb-8c7a-410f4dab48a7 | resp | WLA_REST_WADE_SU | admin | read user | NGUYTRA |
20180621 09:51:58.680 | 50327c2b-8bd6-4df2-8eee-813176fa5a73 | req | WLA_REST_WADE_SU | admin | read group | INV_ADMIN_SUPERUSER |
20180621 09:51:58.680 | 50327c2b-8bd6-4df2-8eee-813176fa5a73 | resp | WLA_REST_WADE_SU | admin | read group | INV_ADMIN_SUPERUSER |
20180621 09:51:58.680 | d7910b8e-8d8d-4bb2-b732-929f7678fa24 | req | WLA_REST_WADE_SU | admin | read group | EVERYONE |
20180621 09:51:58.681 | d7910b8e-8d8d-4bb2-b732-929f7678fa24 | resp | WLA_REST_WADE_SU | admin | read group | EVERYONE |
Does this mean that someone submitted those READ commands from the Web client? And is this as designed, that the action would be masked as to who really submitted the commands?
We use the auditlogs a lot to identify Users who have performed actions, so if this is how the Web client will work, not sure it's a benefit for troubleshooting.
Denise