Top
Systemwalker Desktop Keeper User's Guide for Administrator
FUJITSU Software

9.2.22 Logon/Logoff Log

This is the log when the following operations are performed in the client (CT).

How to apply

When collecting logon/logoff log, the following application can be performed:

Set policy for collection

Set policy in the Terminal Initial Settings window or the window after the Management Console is started (CT policy settings window).
In Windows > Log collection operation, set Logon/Logoff Log to Yes.

Collected information

This section describes the information collected in the logon/logoff log.

The corresponding operations in the following cases are collected as logs.

How to search

About keyword search items

The search can be performed in PC startup log by using strings such as "Startup in Normal Mode", "Startup in Safe Mode" and "Startup in Safe Mode with Network Connection".
Enter a keyword in double-byte when searching for the first time. Strings input previously can be selected in the drop-down menu starting from the next search.

The search can be performed in the PC shutdown log by using string "XX hours YY minutes". Time is searched for under partial match or complete match. Size search cannot be performed.
Enter the numerals ("XX" and "YY") in single-byte.
Enter "hour" and "minute" in double-byte.

Displayed content

The following log content can be viewed:

Name: name of the client (CT)

Occurrence Date and Time: time for collecting logs at client (CT)

User ID: the following information is displayed. (*1)

Domain Name: the following information is displayed:

Type: the following content is displayed according to log type (fixed):

Classification: normal (fixed value)

Attachment: (not displayed)

Content: the following content is displayed:

*1: When performing keyword search in Log Viewer, it can be specified as keyword.

Note: the following content is displayed.

*1: When performing keyword search in Log Viewer, it can be specified as keyword.

Example of Notes:

When performing local logon to the client (CT) as user directly

Connection method: [Local], operation terminal: [This Computer Name], logon method: [Local Logon], logon authority: [User Authority], Session No: [Session ID]

When performing domain logon with administrator authority through terminal service

Connection method: [Remote], operation terminal: [Name of This Computer Performing Connection Operation], logon method: [Domain Logon], logon authority: [Administrator Authority], Session No: [Session ID]

When cutting off the power of PC by force

Shutdown action: [Abnormal Shutdown]

Example of log:

CLIENT1 2015/05/30 01:15 SYSTEM D-DOMAIN PC startup Normal Computer has been started.Startup mode [Normal mode startup]
CLIENT1 2015/05/30 01:20 user01 D-DOMAIN Logon Normal Logged on.Authentication target: [D-DOMAIN] Connection method: [Local],Operation terminal: [CLIENT1],Logon method: [Domain Logon], Logon authority: [User Authority],Session No: [0]
CLIENT1 2015/05/30 04:32 SYSTEM D-DOMAIN PC sleep Normal Computer has slept.Startup time: [3hours12minutes]
CLIENT1 2015/05/30 05:15 SYSTEM D-DOMAIN PC restoration Normal Computer has been recovered.
CLIENT1 2015/05/30 14:18 user01 D-DOMAIN Logoff Normal Logged off.
CLIENT1 2015/05/30 07:43 SYSTEM D-DOMAIN PC Shutdown Normal Computer has been shut down Startup time: [2hours28minutes],OS startup time: [6hours28minutes]