Audit trail for Enabled Sites

Hey Folks,

Does anyone know if there is a way to track or find out which user enabled a specific patch site?
I can see in the GatherDB log when it was done, but nothing about who enabled it. My audit
file also only shows logins for the day mentioned in the GatherDB log, nothing about actions.

Thanks!

There isn’t anything I can locate within the database directly however have you checked your server’s server_audit.log for an entry?

It has the records of people logging in of course, but nothing specifically on the site being enabled.

I am very surprised this event did not trigger an audit log entry. Reach out to support to see if they know of a method to produce the audit information in this case.

Additionally, I suggest filing a BigFix Idea (HCL way of saying Request for Enhancement [RFE]) via the BigFix Ideas Portal to add this very audit-worthy logging capability to the server. Personally, I would have expected to see (at a minimum) the following events already to be in the audit log (including the what/when/by whom):

  • Site Enabled
  • Site Disabled/Removed
  • Site Subscription Method Changed
1 Like