User identity in the audit report
The audit report indicates the identity of the user who performed a specific action. The full identity of the user includes the user name and the domain or the host name that is associated with the authenticated user. A user's identity appears in the audit report as follows:
Audit events always include the full user identity. Root users and administrators are logged as "root@hostname" or "administrator@hostname".
In NetBackup 8.1.2 and later, image browse and image restore events always include the user ID in the audit event. NetBackup 8.1.1 and earlier log these events as "root@hostname" or "administrator@hostname".
The order of the elements for the user principal is "
domain:username:domainType:providerId". The domain value does not apply for Linux computers. For that platform, the user principal is:username:domainType:providerId.For any operations that do not require credentials or require the user to sign in, operations are logged without a user identity.