Usernames not understandable in log file

My all users are AD LDAP users. And their nextcloud usernames not meaningful when I look at SIEM or log files
For example:

  "reqId": "YjSLrO0EsIvuUGpFEquijQAAAAU",
  "level": 1,
  "time": "18.03.2022, 16:39:56",
  "remoteAddr": "",
  "user": "2BE98F99-8969-4CEA-9F71-FC6CB5970795",
  "app": "admin_audit",
  "method": "DELETE",
  "url": "/nextcloud/remote.php/dav/files/2BE98F99-8969-4CEA-9F71-FC6CB5970795/ders%20notu%202.docx",
  "message": "File deleted: \"/ders notu 2.docx\"",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36",
  "version": ""

One of log line. The “user”: “2BE98F99-8969-4CEA-9F71-FC6CB5970795”, raw is not meaningful admin.
I can check it from user list ofcourse but, what if that user deleted from LDAP and nextcloud and I needed to check it for an audit or something
As a result, Is there a wat yo map LDAP username and nextcloud username method?


1 Like

There is no idea?

Tevfik Thank you for your message. Did you find the answer?

as less as I understand from it, this “Code” is UID and not User-name.

And as far as I know you can assign certain values from your AD LDAP to variables of NC-LDAP, so to say: you can map them. I bet NC-anmual knows more about how to doing that.

Yes exactly.
I ned mapping LDAP names-NCUID mapping in log .