cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Localization Token Missing for Session Timeout Audit Message

rattmice
7-Bedrock

Localization Token Missing for Session Timeout Audit Message

In ThingWorx 9.3.4, it appears that session timeouts are finally now audited (audit.AuditCategory.Authorization category) but there is no localization token for the actual message.  I assume the token and value should be:

  • name: com.thingworx.things.security.SecurityMonitorThing.SessionExpired.Audit
  • value: Session timed out for user: __user__

Can anyone confirm this?  Are there other fields available in the data shape to the audit message that can be used or just the user field?

1 ACCEPTED SOLUTION

Accepted Solutions

Yes, I did that to create the tokens from the original post.  However, I was wondering if those are the correct ones to set since 9.3.3 does not ship with those defined.  Doesn't matter really to me because the ones I created will suffice for my customer but if it is the wrong tokens then I'd like to correct my implementation.

On a side note, the current Help Center now has Release Notes for 9.3.5 and the reference to this new feature is no longer listed in the 9.3.4 notes and the Security Monitor sections also does not list this new capability.

View solution in original post

4 REPLIES 4
slangley
23-Emerald II
(To:rattmice)

Hi @rattmice.

 

Take a look at this information from the ThingWorx Help Center to see if it offers guidance.  If you're not able to make any headway on it, let us know.

 

Regards.

 

--Sharon

Yes, I did that to create the tokens from the original post.  However, I was wondering if those are the correct ones to set since 9.3.3 does not ship with those defined.  Doesn't matter really to me because the ones I created will suffice for my customer but if it is the wrong tokens then I'd like to correct my implementation.

On a side note, the current Help Center now has Release Notes for 9.3.5 and the reference to this new feature is no longer listed in the 9.3.4 notes and the Security Monitor sections also does not list this new capability.

slangley
23-Emerald II
(To:rattmice)

Hi @rattmice

 

Custom, by definition, would allow you to create your own as long as they are unique. 

 

That's an interesting observation regarding the Session Timeout Audit message being removed from the 9.3.4 Release Notes.  I'll see if I can find out more on this.

 

Regards.

 

--Sharon

slangley
23-Emerald II
(To:rattmice)

Hi @rattmice.

 

Our documentation team investigated regarding the Session Timeout Audit message being removed from the 9.3.4 Release Notes, but from our investigation, it doesn't appear that the Session Timeout Audit message info was ever included in the 9.3.4 release notes.  It's possible they missed adding it to the 9.3.4 release notes, which is why it's now in the 9.3.5 release notes.

 

Please let us know if you have further questions.

 

Regards.

 

--Sharon  

Announcements