Logon Traces: For auditing and security purposes,
logging services typically record login and logout operations of each user.
Logon traces may include information like local login time,
local logout time and address of the remote host that performed the operation.
Even though containing no information related to the automation process,
logon traces may be an important source of information for the DFA and therefore should be carefully managed by the AM. Traces like system accesses performed at unusual time, or even login operations followed by many hours of inactivity
may be classified by the DFA as being part of an anomalous behaviour.