ATM_ID: A2EF4946-FE8D-11EB-8425-5738637E987F

MFF:

PLANNEDTIMESTAFF:

ID: WFAST_Accounting/Testcases/FS_50.001.01_Audit_Log_Events/10995

TESTCASE_HEADLINE: Event ID=21(SA User)
The audit log entry data shall report events contained in table 1 Audit Log - Delete File/DirEvent ID = 21 1 Service Print Job name or Dir name(user name) User Name Completion Status IIO status

GROUP:

FEATURE:

SUB_FEATURE:

INPUT: <p>Audit Log:<br />
1.User should be created along with admin right. (SAuser)<br />
2.All the CWIS and Login operation should be performed through above created SA User only.</p><p>Syslog:<br />
Syslog Destination Server details must be configured.</p>

PROCEDURE: <p>1.Open the EWS and login as Admin<br />
2.Navigate to Properties-Apps -Printing-Hold All Jobs-Enable Hold All Jobs.<br />
</p>
<ol><li value="3">Set Hold All Jobs to Hold Jobs in a Private Queue<br />
4.Policies-Unidentified Job Policies (unknown User ID)- Hold Jobs; Hold Jobs; All Users can Manage Jobs  and save<br />
5.EWS login with SA User and submit the Normal print job to the device<br />
6.Navigate to Device LUI -Jobs App-Held Jobs<br />
7.Select the Held Jobs and Enter the SA user credentials<br />
8.Select the Held Jobs and now delete the held jobs from the LUI.<br />
</li><li value="9">Download the Audit log and observe the audit event recorded.</li></ol>

OUTPUT: <p>The audit log has an event for a Delete File/Dir.<br />
Event ID: 21<br />
Delete File/Dir<br />
Service Print <br />
Job name or Dir name-SA User<br />
User Name SA user<br />
Completion Status<br />
IIO status</p><p>Sys log Verification using View Events option:</p><p>Syslog+CEF format should be displayed as per the Spec (Refer SIEM Integration and Audit Log Events Spec):</p><p>PRI number; Timestamp; Device name; CEF:0; Xerox; Device Model; Device Software Version; Device Audit log Event ID; Audit log Event Description; Severity)along with CEF Key Name Mapping.</p>

PROCESS:

PRIORITY:

TEST_TYPE: automated

LOE:

RESOURCE_HW:

RESOURCE_CONSUMEABLES:

RESOURCE_MEDIA:

SKILL_SET:

TEST_CASE_TYPE: testcases

TESTCASE_SOURCE:

SPEC: FS 50.001 .01 Audit Log Events

SPEC_VERSION:

SPEC_TAG: [50.001.01.027][D1.3-*]|21|Delete File/Dir

ATM_OWNER:

APPROVE_QE:

APPROVED_QE:

APPROVE_SE:

APPROVED_SE:

APPROVE_SPAR:

APPROVED_SPAR:

ASSOCIATED_TESTCASES:

TRAINING:

TESTCASE_VERSION:

TESTCASE_STATE:

TESTCASE_PLATFORM:

TESTCASE_PRODUCT: canyon, carroll, carroll_sfp, corvo, corrib, kiska, malawi, mystic, melody_sfp, melody, muckross

TESTCASE_APPROVALS:

CDATE: 1629116984

MDATE: 1629116984

MUSER: q4BVX0J1

AUTHOR: q4BVX0J1

ATM_MCOMMENTS: Imported from spreadsheet

HISTORY:

ATM_LOCKED:

ATM_REQLINK: 4336BF88-97F7-11E9-9925-CFADAA3FCFED

ATM_REQCOUNT: 1

QA_TEAM:

TC_WEIGHTAGE:

FILENAME:

FILEDESC:

FILES:

RELEASE:

AUTOMATION_GROUP:

TESTCASE_STEPS_ARE_RELATED_TO:

REASON_FOR_AUTOMATABLE:

PRECONDITION_TO_BE_DONE:

ACTION_TO_BE_DONE:

COMMON_FUNCTIONALITY:

COMMONALITY_DETAILS:

CONSTRAINTS_DAR: Imp_98 . NA  Done By Previous Analysis

DEVELOPMENT_COMPLETE_TIME:

PO_SIGNOFF_DATE:

COMPLEXITY_PRECONDITIONS:

COMPLEXITY_OUTPUT_VALIDATION: non_outliers

AUTOMATABLE: yes

TESTCASE_MODIFICATION_REQUIRED:

APTEST_UPDATE_STATUS:

TC_WORK_LOCATION_CAT: work_from_home_tc

AUTOMATION_TC_VALIDATION:

DEVICE_CATEGORY: common

COMPETENCY: wfast_accounting

APTEST_TRACKING: yes

AUTOMATION_CANDIDATE: yes

SRT_ANALYZATION: analyzed