ADF:
adf_admin v.0.0.25-13+
tg_mod v0.180+
This description covers the JSON/Syslog log format, which is saved and forwarded to external systems as configured within the ADF stack. In a typical enrollment, ADF produces logs in a custom structured JSON format, which can easily be converted to RFC 5424 or any compatible format.

| Field Name | description | value |
|---|---|---|
| ID | message identifier | int |
| module | defines module name, where event comes from | string |
| class | class of message (e.g. audit) | string |
| facility | log facility ID as described in syslog (1 - user, 13 - audit, etc.) | int |
| addr | IP address of client, if provided from requester system | string |
| msg | human-readable text message | string |
| OUID | Operation Unique ID - may be used to find all messages related to one particular process/operation | string |
| req | Information referring to the system or user, that requested operation | string |
| ip | IP address where request came from | string |
| uname | Username, related to current operation | string |
| geo | Geoposition, related to current operation | string |
| res | If the event is related to an operation that requires resolution and it was actually resolved within this event, the field contains resolution info (CONFIRM/DENY, SUCCESS/FAILURE etc.) | string |

| Field Name | description | value |
|---|---|---|
| req | Requester identifier, usually same as req field | string |
| ip | Request source IP, usually same as ip field | string |
| error | Error produced by the code. Its format can’t be fixed or specifically defined, as it comes from libraries | string |
| username | Login of user related to event, usually same as uname field | string |
| name | Text name of the user related to event | string |
| Connector_Name | Text name of the connector related to event | string |
| Connector_ID | ID string of the connector related to event | string |
| Connector_Server | Text uri of the LDAP server | string |
| Connector_Base | Text representation of the LDAP connector base for further search | string |

Human-readable text messages are usually provided with most events and are stored in the msg field. They should correspond to the id field, but may change during active development; please refer to the actual module versions.

| id | message | description |
|---|---|---|
| 10 | [<OUID>] Record for <username> not found in DB. | Linking record for <username> not found |
| 11 | [<OUID>] Send error to <username> (<error>) | Error occurred while sending message to <username> |
| 12 | [<OUID>] OTP save error for <username> (<error>) | Error occurred while saving the OTP record in the database for <username> |
| 13 | [N/A] INFO - Removed expired/invalidated OTP records for [<username>] - QTY: <quantity of removed records> | Appears when routine invalidation of expired OTP records is performed |
| 14 | [N/A] INFO - Removed expired/invalidated OTP records for [ANY] - QTY: <quantity of removed records> | Appears when routine invalidation of expired OTP records is performed |
| 15 | Event ID <OUID> captured for user <username>. Pending: <pending status bool>, Resolution: <resolution status bool> | Received event from Telegram servers with user reaction |
| 16 | ERROR updating record for: @<username_tg> (<recipient_tg>) ERR=><error>) | Error occurred when trying to update the database record after an event was received |

| id | message | description |
|---|---|---|
| 17 | [N/A] PRELIMINARY: Got request for OTP check for <username>. Requested by: <requester>. For client [<client_address>] | Preliminary message for request received from API/Radius |
| 18 | [<OUID>] Got request for new OTP for <username>. Requested by: <requester>. For client [<client_address>] | Request received from API/Radius |
| 19 | [<OUID>] Got request for OTP check for <username>. Requested by: <requester>. For client [<client_address>] | Request received from API/Radius |
| 20 | [<OUID>] Sending OTP. Recipient: <recipient_tg> <username_tg> [<username>] | When sending OTP request to user |
| 21 | [N/A] ERR - Requested check on OTP for [<username>] failed - Not found (<error>) | If received OTP check for nonexistent record |
| 22 | [<OUID>] ERR - Requested check on OTP for [<username>] failed - No match | When the OTP received from the user doesn’t match the saved record. The user entered a wrong OTP. The fail counter is increased. |
| 23 | [<OUID>] ERR - Failed to update fail count for [<username>] - DB error (<error>) | If fail counter was not updated due to database error |
| 24 | [<OUID>] INFO - Increased fail count for [<username>] = <counter> | Fail counter has been increased. |
| 25 | [<OUID>] OK - Requested check on OTP for [<username>] succeeded. | When received OTP from user and it matched saved record |
| 26 | [<OUID>] OK - OTP for [<username>] cleared. | OTP request record cleared |

| id | message | description |
|---|---|---|
| 27 | [<OUID>] Got request for new dynamic auth for <username>. Requested by: <requester>. For client [<client_address>] | Request received from API/Radius |
| 28 | [<OUID>] ERR - collision in RequestIDs | With dynamic auth, the requester may optionally send an OUID; this is a routine check that the received OUID is unique. |
| 29 | [<OUID>] Sending auth request. Recipient: @<username_tg> (<recipient_tg>) [<username>]. For client [<client_address>] | When sending Dynamic Auth request to user with longpolling request. |
| 30 | [<OUID>] User <username> requested auth confirmation. For client [<client_address>] | When sending Dynamic Auth request to user with async send/poll scheme. |
| 31 | [<OUID>] Send error to <username> (<error>) | Error occurred while sending message to <username> |
| 32 | [<OUID>] User <username> denied authentication. For client [<client_address>] | When a response is received from the telegram user and it’s resolved in DENY |
| 33 | [<OUID>] User <username> confirmed authentication. For client [<client_address>] | When a response is received from the telegram user and it’s resolved in CONFIRM |
| 34 | [<OUID>] User <username> responce timeout. For client [<client_address>] | When no response from the telegram user is received in the allowed timeframe. Automatically resolved in DENY |
| 35 | [<OUID>] Error creating pendingRequest record for <username> (<error>) | Error occured when trying to save request record to database |
| 36 | [<OUID>] AUDIT: callback with CONFIRM decision received from tg user @<username_tg> (<recipient_tg>). | Received event from telegram user, claiming CONFIRM decision. Not the final resolution, it would be checked for validity. |
| 37 | [<OUID>] AUDIT: callback with DENY decision received from tg user @<username_tg> (<recipient_tg>). | Received event from telegram user, claiming DENY decision. Not the final resolution, it would be checked for validity. |
| 38 | [<OUID>] ERROR: received malformed callback from TG user @<username_tg> (<recipient_tg>) | The event received from the telegram user was malformed and won’t be processed. |

| id | message | description |
|---|---|---|
| 39 | [<OUID>] Got request for new dynamic auth for <username>. Requested by: <requester>. For client [<client_address>] | Request received from API/Radius |
| 40 | ERR - Requested pendingRequest UID [<OUID>] too short | When polling request received, but OUID too short (less than 10 symbols) |
| 41 | ERR - Requested check on pendingRequest UID [OUID] failed - Not found | Polling check failed, record not found in database collection. |
| 48 | [OUID] Error creating pendingRequest record for <username> (<error>) | Polling request failed, record not created in database collection. |

| id | message | description |
|---|---|---|
| 42 | LINKING: Record for <username> not found in DB. Creating | The first time a user enters the deeplinking process, a record is created for them. |
| 43 | LINKING: New record inserted: <new link ID> | The first time a user enters the deeplinking process, a record is created for them. |
| 44 | LINKING: Record already found for: <username> | If record for user already in database. |
| 45 | LINKING: User linking already established for <username> >> @<username_tg> (<recipient_tg>) | If record for user already in database and linking with telegram already established. |
| 46 | LINKING: ERROR Updating record: <username> | Error occurred while linking the record in the database for <username> |
| 47 | LINKING: User linking successfully established! Username: <username> >> @<username_tg> (<recipient_tg>) | Successfully established Linking. Record saved in database. |
| 49 | LINKING: ERR: Received join request from TG user @<username_tg> (<recipient_tg>), with payload <payload_slice>…: <error>. | Received join request from TG user, but something went wrong. More context in error message |
| 50 | Notification email successfully sent to <username> | Successfully sent notification email to user. |
| 51 | Error sending notification email to <username>: <error> | Error sending notification email to user. Transaction will be rolled back. |

| id | message | description |
|---|---|---|
| 100 | Received login request for <username> from <ip> | User sent login request to access admin panel. |
| 101 | Successful login for <username> from <ip>, [Internal/LDAP] | Successful login request to access admin panel. Bearer token issued for that session. |
| 102 | Failed login for <username> from <ip>, [Internal/LDAP]. Error: ‘<error>’ | Failed login request to access admin panel. |
| 103 | Error - User with role ‘<role_name>’ not authorized to access - failed login request for <username> from <ip> | Failed login request. The user role doesn’t permit access to the admin panel. |
| 104 | Error - User does not exist - failed login request for <username> from <ip> | Failed login request. Wrong credentials of non-existing user provided to access admin panel. |
| 105 | Failed login for <username> from <ip>, [Internal/LDAP]. Error: ‘user inactive’ | Failed login request. User inactive. |

| id | message | description |
|---|---|---|
| 110 | Successful verification for <username> from <ip>, [Internal/LDAP]. | Successful verification. |
| 111 | Failed verification for <username> from <ip>, [Internal/LDAP]. Error: ‘<error>’ | Failed verification. |

| id | message | description |
|---|---|---|
| 120 | Received authentication request for <username> from <ip> | User sent authentication request. |
| 121 | Error - User unauthorized. Failed login request for <username> from <ip> | Failed login request. |
| 122 | Authentication request success for <username> from <ip> | Successful authentication. |
| 123 | Error - User unauthorized. Active: <bool>, Archived: <bool> - failed login request for <username> from <ip> | Failed login request. |
| 124 | Error - User does not exist - failed authentication request for <username> from <ip> | Failed authentication. Credentials of non-existing user. |

| id | message | description |
|---|---|---|
| 130 | Received authorization request for <username> from <ip> | User sent authorization request. |
| 132 | Authorization request success for <username> from <ip> | Successful authorization. |
| 133 | Error - User unauthorized. Active: <bool>, Archived: <bool> - failed authorization request for <username> from <ip> | Failed authorization request. |
| 134 | Error - User does not exist - failed authorization request for <username> from <ip> | Failed authorization. Credentials of non-existing user. |

req format: admin_role::admin_login::admin_email

| id | message | description |
|---|---|---|
| 150 | Received user registration request for <username> <<name>> from <req> [<ip>] | Privileged user sent request for user registration. |
| 151 | User registration request success for <username> <<name>> from <req> [<ip>] | Request for user registration succeeded. |
| 152 | User registration request for <username> has failed with error ‘User already exists’. from <req> [<ip>] | Request for user registration failed. |
| 153 | User [registration/update] request for <username> has failed with error ‘<error>’. from <req> [<ip>] | Request for user registration/update failed with error. |
| 155 | PRELIMINARY: Received user [update/archive/unarchive/activate/deactivate/password update] request for <user_id> from <req> [<ip>] | Privileged user sent request for user registration. Preliminary event, may lack some data. |
| 156 | User [update/archive/unarchive/activate/deactivate] request success for for <username> <<name>>. from <req> [<ip>] | Request for user record update succeeded. |
| 157 | User [update/archive/unarchive/activate/deactivate] request for <username> has failed with error ‘<error>’. from <req> [<ip>] | Request for user record update failed. |

req format: admin_role::admin_login::admin_email

| id | message | description |
|---|---|---|
| 180 | Received ldap connector creation request for ‘<Connector_Name>’ <Connector_Server> <<Connector_Base>> from <req> [<ip>] | Request for LDAP connector creation received. |
| 181 | LDAP connector creation request success ‘<Connector_Name>’. from <req> [<ip>] | LDAP connector created successfully. |
| 182 | LDAP connector [creation/update] has failed with error. Connector ‘<Connector_Name>’ already exists. from <req> [<ip>] | LDAP connector creation failed, connector with same name already exists. |
| 183 | LDAP connector [creation/update] unauthorized for <req> [<ip>] | LDAP connector creation failed, because the user doesn’t have permission to create/update connectors. |
| 184 | LDAP connector creation request for connector ‘<Connector_Name>’ has failed with error ‘<error>’. from <req> [<ip>] | LDAP connector creation failed with error. |
| 185 | Received ldap connector update request for ‘<Connector_ID>’ from <req> [<ip>] | ldap connector update request received. |
| 186 | LDAP connector update has failed with error. Connector id <Connector_ID> not found. from <req> [<ip>] | LDAP connector update failed, because requester provided non-existent ID. |
| 187 | LDAP connector update request for connector id <Connector_ID> has failed with error ‘<error>’. from <req> [<ip>] | LDAP connector update failed with error displayed in msg. |
| 188 | LDAP connector update request success for id <Connector_ID> ‘<Connector_Name>’ from <req> [<ip>] | LDAP connector updated successfully. |

| id | message | description |
|---|---|---|
| 200 | User <username> has been forced to change password. Activating change password selfservice. | If the user is found to be forced to change password, the selfservice process is activated for them. |
| 202 | Selfservice for password change has been activated for user <username>. Sending notification with selfservice link. | After activating selfservice process, notification would be sent to user. |
| 203 | Selfservice change password process entry for <username> has been successfully created/updated. | Successfully created/updated selfservice entry in database. |
| 204 | Error while creating/updating change password process entry for <username>. | Error while creating/updating selfservice entry in database. |
| 205 | Received change password request from user <username>. | Received change password request from user. |
| 206 | Error executing change password request from user <username>. Failed with error: <error> | Error executing change password request with error details where possible. |
| 207 | Successfully updated password for user <username>. | Successfully updated password for user. |
| 208 | CRITICAL ERROR: Unable to revert pwdLastSet back to 0 for user <username>. Failed with error: <error> | Error that prevented the process from reverting pwdLastSet back to 0 after a change password failure, which means that the user is left with the ability to log in with the initially generated password. This might be critical because the user account in AD has been altered, but the password change process was not successfully completed. This is unlikely to happen, but if it does, it indicates that actions should be performed by administrators or IDM. |
| 209 | ERROR: Binding error before change password attempt! User “<username>”. Failed with error: <error> . | The user was unable to bind with their own credentials. |
| 210 | ERROR: Chpass process failed for user with login “<username>”. Failed with error: <error> | If any of the password stages ends in failure, the state turns into Failed and a corresponding message is produced with some technical data describing the error. |
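
A triage sketch over the event IDs catalogued above, added here as an example and not part of ADF: it flags repeated OTP mismatches (ID 22) and a dynamic auth CONFIRM (ID 33) that follows several DENY or timeout resolutions (IDs 32, 34) for the same user. It assumes one flat JSON object per line with keys named as in the field table (`ID`, `uname`, `OUID`, `addr`); the sample records, the rule names and the thresholds are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample stream (not real ADF output). Assumption: one flat JSON
# object per line, keyed as in the field table above (ID, uname, OUID, addr).
SAMPLE = """\
{"ID": 22, "uname": "alice", "OUID": "otp-0000001", "addr": "198.51.100.7"}
{"ID": 32, "uname": "bob", "OUID": "dyn-0000001", "addr": "203.0.113.9"}
{"ID": 22, "uname": "alice", "OUID": "otp-0000001", "addr": "198.51.100.7"}
not a JSON line
{"ID": 34, "uname": "bob", "OUID": "dyn-0000002", "addr": "203.0.113.9"}
{"ID": 32, "uname": "carol", "OUID": "dyn-0000003", "addr": "192.0.2.44"}
{"ID": 33, "uname": "carol", "OUID": "dyn-0000004", "addr": "192.0.2.44"}
{"ID": 22, "uname": "alice", "OUID": "otp-0000001", "addr": "198.51.100.7"}
{"ID": 34, "uname": "bob", "OUID": "dyn-0000005", "addr": "203.0.113.9"}
{"ID": 33, "uname": "bob", "OUID": "dyn-0000006", "addr": "203.0.113.9"}
"""

OTP_NO_MATCH, OTP_OK = 22, 25             # OTP check: no match / succeeded
PUSH_REJECTED, PUSH_CONFIRMED = {32, 34}, 33  # denied or timeout / confirmed

def triage(lines, otp_limit=3, push_limit=3):
    """Return (rule, username, count) alerts; limits are hypothetical defaults."""
    otp_fails = defaultdict(int)  # uname -> OTP mismatches since last success
    rejected = defaultdict(set)   # uname -> OUIDs resolved as deny or timeout
    alerts = []
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue              # tolerate non-JSON lines in a mixed stream
        if not isinstance(ev, dict) or not ev.get("uname"):
            continue
        eid, user = ev.get("ID"), ev["uname"]
        if eid == OTP_NO_MATCH:
            otp_fails[user] += 1
            if otp_fails[user] == otp_limit:      # alert once, at the limit
                alerts.append(("otp_guessing", user, otp_limit))
        elif eid == OTP_OK:
            otp_fails[user] = 0
        elif eid in PUSH_REJECTED:
            rejected[user].add(ev.get("OUID"))
        elif eid == PUSH_CONFIRMED:
            n = len(rejected.pop(user, ()))
            if n >= push_limit:   # approval right after a run of rejections
                alerts.append(("confirm_after_rejections", user, n))
    return alerts

if __name__ == "__main__":
    print(triage(SAMPLE.splitlines()))
```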