Hello, friends! In CDOT 8.3.2, is there a log that'll tell me about domain user login attempts?
I know that the event log can tell me when a user failed to log in via SSH with the ssh.auth.loginDenied event, which is great. But is there any similar event that will tell me about successful SSH attempts?
Moreover, is there a log file somewhere that can tell me "When was the last time user DOMAIN\a-kkardashian logged in," knowing that that date might have been months or years ago?
There is no way to see a history of these unless you had already enabled them. And these logs roll off after a period of time, so if you want to keep the logs, you'd need to offload them to a different location. Right now, that process would be manual. The only logs ONTAP can forward for you are command history logs: