NetIQ Sentinel 7.x and 8.x Sentinel Server
Sentinel UNIX agent 7.4 is not forwarding the Effective UserName field to Sentinel for BSM events. Thus when the person switches to another user, the operations are still being shown as done by the logged in user.
To resolve this issue on Sentinel install hotfix 7.4 HF14 from https://dl.netiq.com/patch/finder/ location
Effective UserName of Subject token is not being forwarded to sentinel server. Therefore Sentinel is unable to populate the Effective UserName information.