CommandLog_Ocr

this log type applies only to rdp proxy and contains text logs captured via ocr during remote desktop connections in kron pam the packets are sent to the server in the following format sessionid specific id of the log in the pam database username the username that transferred the file during the remote connection host kron pam host ip tenantid tenant, the command log was captured sessionstarttime when the session started sessionendtime when the session finished globalusername globalusername is used for authentication clientip source ip of the device that executed the command commandtime exact time the file transfer started command captured texts via ocr allowed if the executed command is allowed by the administrator or not allowed=true is the default value for rdp sessions instancename an instance in which the command log was captured devicegroups group names of the device on which the command is executed example an ocr text captured logs during a remote desktop session of a test user on kron pam {sessionid='65c2f8e2 49aa 4a22 bdf1 47e13c03cb02', username='test', host='10 10 10 10', tenantid='krontech', sessionstarttime=2025 04 22 14 05 31 592, sessionendtime=null, globalusername='administrator', clientip='10 0 1 1', commandtime=2025 04 22 14 07 09 596, command=' i = | application tools downloads\nhome share view manage (7?)\nab > this pc downloads search downloads \nname date modified type size\nof quick access\ni deskt a filezilla 3 68 1 winf4 setup 27/2025 15 pm application 12,160 kb\neskta\npp ay winscp 4/16/2024 3 57 pm application 22,461 kb\nf downloads ee filezilla 3 69 0 win d setup 4/22/2025 11364m application 12,153 kb\n=| docurnents\n\n=) pictures\n\nfilezilla\n\nthis pc\n\n> network\n\ndesktop qhebmoc\ndesktop d\&tre8h\ndesktop leq\&v2t\n\ntsclient\n\nwintitest\nwin ms34po5 sv\nwin vlyocogfogi\n\n3items 1 item selected 21 9 mb\n\n', allowed=true, instancename='localhost localdomain', devicegroups=dg1, dg2', context=null }