Viewing User Activity
The DeviceLock Service initially stores user activity monitoring data on the local computer, allowing the administrator to explore local records of user actions by using the UAM Log Viewer in the DeviceLock Management Console connected to the DeviceLock Service. In this way, one can only access the records made by the DeviceLock Service on the local computer.
To enable a centralized viewing and analysis of the recordings made on different computers, it is necessary to transfer user activity monitoring data to DeviceLock Enterprise Server by enabling the
Transfer shadow data to server option of the DeviceLock Service. The servers to collect and hold that data are specified by the
DeviceLock Enterprise Server(s) option. Each server collects the data relating to only the users and groups assigned to that server. If necessary, user activity records can be combined for viewing and analysis on a central collection server (see
Consolidating Logs).
User activity monitoring data is stored in the same place as shadow files. The DeviceLock Service stores them in the folder specified by the
Local storage directory option. As for the DeviceLock Enterprise Server, the data storage is determined by the
Store path option (see
Server Options). For more information about server data storage options, see the
Store shadow files in the database option description.
The administrator can view user activity monitoring records in the DeviceLock Management Console details pane, having selected
UAM Log Viewer in the console tree. To view local records, select
DeviceLock Service >
User Activity Monitor >
UAM Log Viewer in the console connected to the DeviceLock Service. To view records on the server, select
DeviceLock Enterprise Server >
UAM Log Viewer in the console connected to the DeviceLock Enterprise Server. The log can be administered by using shortcut menu commands on the
UAM Log Viewer node (see
Managing the UAM Log).
The viewer details pane is divided into upper and lower areas. The upper area displays a
list of monitoring sessions - a listing of all user activity records held in the log. The lower area is a
session viewer intended to view the video recording of the user computer screen along with the recording of user keystrokes and other data.
Important: •To collect UAM data, the DeviceLock Enterprise Server must have the Core license installed. The number of computers from which the server collects UAM data cannot be more than the Core license specifies. •To apply server policies and computer monitoring tasks that include UAM options and rules, the DeviceLock Enterprise Server must have the UAM license installed. The number of computers to which such policies and tasks are applied cannot be more than the UAM license specifies. For license installation instructions, refer to
Activating Server Licenses. |