CommandLog_FileTransfer

this log type applies only to rdp proxy and contains logs of files that are transferred (upload or download) by the user during remote desktop connections in kron pam the packets are sent to the server in the following format sessionid specific id of the log in the pam database username the username that transferred the file during the remote connection host kron pam host ip tenantid tenant, the command log was captured sessionstarttime when the session started sessionendtime when the session finished globalusername globalusername is used for authentication clientip source ip of the device that executed the command commandtime exact time when the file transfer started command transferred file allowed if the executed command is allowed by the administrator or not allowed=true is the default value for rdp sessions instancename which instance executed the command devicegroups group names of the device on which the command is executed example the test user downloads a testfile during a remote desktop connection on kron pam {sessionid='e0b8b9f5 562d 4bd4 9701 4a94907b4953', username='test', host='10 10 10 10', tenantid= ‘krontech’, sessionstarttime=2025 04 20 16 47 10 798, sessionendtime=2025 04 20 16 49 09 107, globalusername='administrator', clientip='10 20 1 1', commandtime=2025 04 20 16 48 40 906, command='download/testfile xls', allowed=true, instancename='localhost localdomain', devicegroups=dg1, dg2', context=null }