You can audit security activity by configuring an auditing provider for Unwired Server and Sybase Control Center. The audit provider tracks events such as logins, logouts, server start operations, and so on, including all actions performed by a specific user or with a particular role.
Sybase suggests that administrators audit two types of user activity: successful use of sensitive information and failed attempts at accessing unauthorized information.