What is the "LOGIN_AS" Audit Event within AUDITTRAIL SECURITY for Essbase 21c?

Question

In Essbase 21c an Auditing Policy File can be configured to include the "LOGIN_AS" event which is described as "User [x] logged in as [y]" within the official product documentation https://docs.oracle.com/en/database/other-databases/essbase/21/ugess/audit-security-artifact-changes-and-lcm-events.html#GUID-227CA6FD-AD17-4D07-87A1-A65F6A7B0E47.

What specifically does this Audit Event track, is this available as there is a concept of impersonation or proxy within the system?

Ambient · Accepted Answer

@User_ZGKDB

Could someone be running reports via MAXL?

There is the ability to mimic a user from the MAXL CLI using the LoginAs command.

GayathriAnand-Oracle · Accepted Answer

Also note that if you have OBIEE/OAS/OAC applications connecting to Essbase, there is a way to define SSO connection from BI to Essbase which uses LoginAs command. So depending on how the connection to essbase is defined, loginas could be reported in audit logs for queries coming from BI to Essbase.