Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
No replies
Asadz
Asadz
55 Posts
ACCEPTED ANSWER

Pinned topic How to audit sytem / web-users investigating suspicious activity?

‏2013-05-20T17:20:43Z |

I see some suspicious activity associated with the user of Qradar system , web-ui and console ssh access. Is there any way i can find the ip / user name of person logged in to the system lets say past 24 hours?

Like in linux i remember there was a LAST -r commands to show list of users who logged onto the system, does qradar application stores logins info in some sort of file / or log to query.

 

Thanks