Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry 2FA
  3. BlackBerry 2FA - Administration Guide
  4. Logging and reporting
  5. Auditing Preauthentication requests

Auditing Preauthentication requests

BlackBerry UEM
 logs each request for
BlackBerry 2FA
 Preauthentication and each request for authentication while in Preauthentication. Data is logged when the request completes or expires.
The audit log file includes the following information about each request for Preauthentication:
  • Marker1: BB2FA_AUDIT. This is the identifier for all
    BlackBerry 2FA
     audit log lines in the
    BlackBerry UEM Core
     log. This also indicates where to trim the log lines to discard universal CORE log information.
  • Marker2: PREAUTH_REQUEST. This is the identifier for the event type (request for Preauthentication).
  • Date
  • Time
  • Source:
    BlackBerry UEM
     management console,
    BlackBerry UEM Self-Service
    , user's device
  • Username
  • BlackBerry 2FA
     profile name: The name is logged in quotation marks to prevent the field from being split by commas in the profile.
  • Requested Preauthentication duration in hours
  • Configured maximum Preauthentication duration in hours
  • Result: SUCCESS, FAILED_INVALID_REQUEST
  • Preauthentication expiration time
For example: 
2BB2FA_AUDIT,PREAUTH_REQUEST,2016-11-05,13:27:17.822,admin,user1,"Sales BB2FA  Profile",3,12,May 11 16:41
The audit log file includes the following information about each request for authentication while in Preauthentication:
  • Marker1: BB2FA_AUDIT. This is the identifier for all
    BlackBerry 2FA
     audit log lines in the
    BlackBerry UEM Core
     log. This also indicates where to trim the log lines to discard universal CORE log information.
  • Marker2: AUTH_USER_IN_PREAUTH. This is the identifier for the event type (request for authentication while inPreauthentication).
  • Date
  • Time
  • Transaction ID
  • Source:
    BlackBerry 2FA
     app,
    BlackBerry Enterprise Identity
    , and so on.
  • Username
  • Authentication policy: enterprise password, active device password, passive device password
  • Profile name: The name is logged in quotation marks to prevent the field from being split by commas in the profile.
  • Preauthentication expiration time
For example:
BB2FA_AUDIT,AUTH_USER_IN_PREAUTH,2016-11-05,13:27:17.822,50dbe1cc,BB2FA,user1,Enterprise Password,"Sales BB2FA Profile",May 11 16:41