3.1.1.1.24.2.4 SearchIPAddressAuditByHostName
This procedure can be used to search the ADM_IPAddressAuditTable based on the specified search condition. The following are the input parameters to this procedure.
Param_HostName: The host name information for which the audit information is being requested.
Param_StartDate: The Start date from when the events pertaining to the specified host name is being requested.
Param_EndDate: The End date till when the events pertaining to the specified host name is being requested.
Param_correlateUserLogon: A Boolean flag indicating whether the host name specified has to be correlated to possible user, IP address, and device-related event information that might be in the table.
The following is the output parameter for this procedure.
Result_searchResult: This is a collection of IPAuditRecord having the result for the specified search criteria.
The following are the steps involved.
Enumerate the rows in the table that meet the following criteria:
TimeOfEvent >= Param_StartDate
TimeOfEvent <= Param_EndDate
HostName = Param_HostName
For each of the row enumerated above,
Create an instance of IPAuditRecord, copy the row details to it, and add it to Result_searchResult.
If the Param_correlateUserLogon flag is set, perform any additional correlation to the map the host name to IP address, MAC address and from there correlate to user’s logon/logoff event information.
For each of the rows that have been obtained based on correlation, create the IPAuditRecord, copy the row details to it, and add it to Result_searchResult.
Return Result_searchResult as the output parameter.