I was wondering if it was possible to generate an alert for a user logging into viewpoint who should not have access to a certain ID. For example, to find unautohorized access to batch IDs, I have a script that compares our USERNAME to CLIENTID from dbqlogtbl. So say a user logs onto SQLA from his laptop with a batch ID. We will capture the clientid (from his laptop) and be able to tell what batch ID he used to log on. We can then track down people who are misusing these IDs.
What I want to do is similar, but for viewpoint. I want to see if anyone outside of a select group of users is logging into viewpoint using the Admin ID, and get an email alert of the same.
Is this possible?
I'm not exactly sure how you plan to determine the actual person that is using the admin ID. The best Viewpoint can do is give you the IP address of the client machine from which the login was attempted. This data is available in a file named action.log, located at /opt/teradata/viewpoint/logs on the Viewpoint server.
10.1.123.456 - - [20/Jun/2012:11:01:18 -0700] Security LOGIN_ATTEMPTED [USER: admin, RESULT: SUCCESS]