Had an error on a server. It was from Trend Micro telling me someone accessed a bad website, only thing was, no one had been on the computer besides myself. So I looked in the application log and saw that there were errors from Blackberry Manager that looked like this:
<2011-02-27 11:26:06.073 PST>:[<user id>]:<MDS-CS_<SERVER>_MDS-CS_1>:<EVENT>:<LAYER = IPPP, Image not able to transcode: http://<unsafe site>/favicon.ico>
The error “Image not able to transcode” is interesting. It appears that the user was on Blackberry browser and my trend micro antivirus picked up the site he was on and decided to block it. Very Interesting.
Anyway, if you want to trace it back to the particular user, you will need to use the MDAT log files.
Simply browse to: C:\Program Files\Research In Motion\BlackBerry Enterprise Server\Logs\
and then look in the file for the day in question. Search the file for occurrences of that unsafe website, and then look around that entry for DEVICEPIN = xxxxxxx and that’s your guy.