Usage Notes - Teradata Vantage

Teradata® VantageCloud Lake
Deployment
VantageCloud
Edition
Lake
Product
Teradata Vantage
Published
January 2023
Language
English (United States)
Last Update
2024-04-03
dita:mapPath
phg1621910019905.ditamap
dita:ditavalPath
pny1626732985837.ditaval
dita:id
phg1621910019905

LogonSource

Teradata recommends using alternative columns instead of the LogonSource column, if available. For information about the recommended columns for LogonSource, see LogonSource Column Fields and Examples.

ClientConfCipherSuite

ASCII String representing the confidentiality cipher suite. This is the TLS cipher suite, for example: "TLS_AES_256_GCM_SHA384".

ClientConfVersion

ASCII String representing the confidentiality version number. This is the TLS version number, for example: "TLS 1.2".

UserName

The UserName column returns “Non-existent User” when a user tries to log on with a bad username.

Possible Values for ClientConfType

Value Description
C TLS used for encryption. Client validated the Certificate-Authority chain but ignored the Subject-Alternative-Name and the Common-Name.
E TDGSS used for encryption. The application does not have the option to change this during the session.
F TLS was attempted but failed, so this is a fallback to using TDGSS for encryption because ENCRYPTDATA is specified.
H TLS was attempted but failed, so this is a fallback to unencrypted because ENCRYPTDATA is not specified.
O May be encrypted using TDGSS or unencrypted. The application has the option of changing this at any time. This is possible only with CLIv2 apps, because drivers (for example, ODBC, JDBC) do not switch encryption on and off within a session.
R TLS used for encryption. Server certificate was ignored; client did not validate the identity of the server.
U Unencrypted. The application does not have the option to change this during the session.
V TLS used for encryption. Client validated the Certificate-Authority chain and the Subject-Alternative-Name or the Common-Name.

Possible Values for ClientConnectionType

Value Description
1 Client is connected using TCP/IP using the gateway.
2 Client is connected from a mainframe using a mainframe-attached host.

Possible Values for DirUserNetConfidentiality, EffectiveSessionNetConf

Value Description
I Indicates the level of protection required for Integrity, looked up in the LDAP directory used for security policy. The levels are: Default (D), Low (L), Medium (M), and High (H).
C Indicates the level of protection required for Confidentiality, looked up in the LDAP directory used for security policy. The levels are: Default (D), Low (L), Medium (M), and High (H).

Possible Values for Event

The names of the following values are truncated if longer than 12 characters. If less than 12 characters long, blank spaces are added.
  • Logon
  • Logoff
  • Bad user
  • Bad account

    This value means the user provided an account string during logon time, but that string does not match any of the account names specified for the user in the SQL CREATE USER or MODIFY USER statement.

  • Bad password
  • Bad profile

    The external profile associated with the logon request does not exist. External profiles are stored in the directory server.

  • Forced off

    This value indicates that the user session was terminated from the system Console or the PM/API.

  • IP restrict

    This value indicates the user is not permitted to log on from the IP address used.

  • Auth failed

    This value indicates an authentication error.

  • Bad auth

    This value may indicate other authentication errors: bad authentication field, deprecated logons, decryption failure, and so forth.

  • Secur policy

    This value indicates that a logon attempt failed because of a security policy violation.

  • Logon failed
    This value means a logon failed for reasons other than the following. Those other reasons are a failure to conform to Logon Rules or an attempt to log on without a password, where the TDP logon exit does not approve the logon.
    • Bad User
    • Bad Account
    • Bad Password
    • Bad profile
    • IP restrict
    • Auth failed
    • Bad auth
    • Secur policy

Possible Values for LogonRedrive

Value Description
' ' Not participating
MEMORY NON-FALLBACK RESPONSES Memory-based Redrive participation
NULL or blanks Session is not participating in Redrive and database restarts are not transparent to applications and users.

Possible Values for RecoverableNetworkProtocol

Value Description
T True
F False

Possible Values for SecurityPolicy

  • No Policy
  • Plaintext
  • Integrity, Default
  • Integrity, Low
  • Integrity, Medium
  • Integrity, High
  • Confidentiality, Default
  • Confidentiality, Low
  • Confidentiality, Medium
  • Confidentiality, High

SecurityPolicy is used to provide audit trail information for the security policy.

Possible Values for ServerConfType

Value Description
E TDGSS used for encryption, either enforced by policy or asserted by a Client.
O May be encrypted using TDGSS or unencrypted, as asserted by a Client or because security policy cannot be determined.
T TLS used for encryption.
U Unencrypted, as asserted by a Client Interface.