Skip to main content

SessionGuardian logs

SessionGuardian Security Logs track audit and security events generated by the SessionGuardian Client on end-user devices. These logs help administrators monitor user activity, detect security incidents, and generate reports for compliance.

In the SessionGuardian Admin Console, click Logs. You can view event details and generate reports based on specific audit and security events.

sg_logs_001.png

Log events in SessionGuardian Client

SessionGuardian logs various security and audit events to help administrators track user activity and system actions.

The following event types are generated by the SessionGuardian Client and sent to the Admin Console for monitoring and analysis.

Msg ID

Message name

Meaning

Win Client

Mac Client

SG Web

001

STARTED_SECURE_SESSION

While session started (i. e. VM started or first target URL opened)

X

X

X

002

STOPPED_SECURE_SESSION

While session stopped

X

X

X

003

DETECTED_AUTHORIZED_USER

Detected authorized user after first recognition

X

X

X

005

DETECTED_NOT_AUTHORIZED_USERS

Detected non authorized user(s)

X

X

X

006

AUTHORIZED_USER_NOT_FOUND

Authorized user not found

X

X

X

007

DETECTED_MOBILE_PHONE

Mobile phone detected

X

X

X

008

ACCEPTED_AGREEMENT

Agreement was shown and user clicked “Accepted”

X

X

X

009

VM_WINDOW_OPENED

Remote virtual machine session opened

X

X

X

010

VM_WINDOW_CLOSED

Remote virtual machine session closed

X

X

X

011

INVALID_AV

Invalid AntiVirus state

X

012

INVALID_WEBCAM

Invalid WebCamera state

X

X

X

013

DETECTED_VM

Detected Virtual Machine while it is prohibited

X

X

X

014

DETECTED_RDC

Detected Remote Connection

X

015

VM_CLIENT_NOT_INSTALLED

Virtual Machine client has not been installed on the user’s PC

X

X

019

SCREEN_LOCKED

Screen was locked

X

X

020

SCREEN_UNLOCKED

Screen was unlocked

X

X

021

MOBILE_AUTH_VERIFIED_USER

Successful mobile user authentication

X

X

022

MOBILE_AUTH_LIVENESS_DETECTION_FAILED

Mobile authentication liveness detection failed

X

X

023

MOBILE_AUTH_USER_NOT_RECOGNIZED

Mobile authentication : user was not recognized

X

X

024

MOBILE_AUTH_DISPLAYED_QR_CODE

Mobile authentication : QR code was shown

X

X

030

WHITE_LIST

Target URL: white list contents

X

031

REJECTED_URL

Target URL: rejected address

X

032

ACTIVE_URL

Target URL: new web page opened

X

033

PROXIES_CONFIG

Proxies configuration

X

034

APP_VERSION

Application version

X

035

APP_UPDATE

Application update information

X

036

MOBILE_AUTH_CANCELED

User canceled mobile authentication

X

037

CLIENT_PROXY_ERROR

Proxy server connection error

X

038

DOWNLOAD_FILE

Download file event

X

039

OPEN_WINDOW

Open window or tab event

X

Log attributes in SessionGuardian Client

The following is a list of attributes that are recorded in each log event.

Attribute Name

Description

Time

Event time in the timezone of the host

Username

The username of the user profile that is in use on the host device.

IP

The public IP address of the host device. This is the IP address that is visible to the SessionGuardian Console Server.

Agent Version

The version of the SessionGuardian Client.

Host Name

The hostname of the resource that is being accessed. (May be blank)

Instance

The instance or resource type that is being accessed.

Project

The project that the user profile is tied to.

Event ID

One of the above Event ID’s.

Event Name

The name of the event.

Message

Details of the event.

Log events in SessionGuardian Desktop Service

The following event types are generated by the SessionGuardian Desktop Service and sent to the Admin Console for monitoring and analysis.

Event ID

Event Name

1005

DETECTED_NOT_AUTHORIZED_USERS

1006

AUTORIZED_USER_NOT_FOUND

1007

DETECTED_MOBILE_PHONE

1011

INVALID_AV

1042

USER_SYSTEM_ENVIRONMENT

1043

WEBCAM_UNAVAILABLE

1044

WEBCAM_FAILURE