Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-10409 How to suppress <no_login_user> from DirectAudit anaylze Report and Powershell ?

Auditing and Monitoring Service ,  

30 July,18 at 09:38 AM

Question:
Why  <no_login_user> is displayed in the DirectAudit  Analyze Report ?
How can we suppress <no_login_user> from the advanced monitoring activity report?

Answers:
The <no_login_user> is displayed when a file is modify by a system account in NIX* machine. 

Solution:
Modify the below Parameter from the /etc/centrifyda/centifyda.conf and then Run "dareload -m " to take the full effect. 
=========================
event.file.monitor.user.skiplist: -1 
=========================

**Note**
In Release 18.8 (Suite 2818.1), the "-1" will be included with default setting of "event.file.monitor.user.skiplist"  instead of "root" Only.
========================================== 
 # event.file.monitor.user.skiplist: root -1
=============================================

 
 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 No related Articles