Audit Trail

Audit Logs

Audit trails (also called audit log) are set of records that chronologically catalog events or procedures to provide support documentation and history that is used to authenticate security and operational actions, or mitigate challenges. These records provide proof of compliance and operational integrity. Audit trail records will contain details that include user activities, and automated system activities.

Audit Logs is a key feature in Agent Control Center which tracks and monitors all the events and activities performed by the user or system.

This article describes which parts of ACC are provided with Audit Logs.

  1. Agent
  2. Organization
  3. User
  4. Directory

Audit Logs or Audit Trail in ACC is set with two types:

  1. DB Logs – Audit log entries stored in database is referred as DB logs.
  2. File Logs - Audit log entries stored in file is referred as File logs.

Please note that file logs are accessible only with Super Admin privileges.

Agent - Audit Log

Navigate to Agents ->Repository in order to check Audit Logs on Agents.

Repository.png

It contains all the details like Agent Name, Description, Latest Version, Deployment server, Proxy pool, Success Criteria, Rate Limit, Last Updated date, Job Status and Run status.

Click on the context menu of the selected agent to view Audit Logs.

Agent_contextmenu.png

Agent audit logs contains User Name, Audit Types, Operations, Description, Contents and Created. All these details are stored in database.

AuditLog_-_Agent.png

1. Data Base Logging:

  • User Name- This column displays the name of the user by whom changes have been made.
  • Audit Types - This column displays the section on which changes have been made by the user.
  • Operations - This column displays the action/operation done by the user.
  • Description - This column displays the details of action performed by the user.
  • Contents- Each action recorded contains raw data under “Contents” column. Click on “Raw Data” link to see contents of the action performed by the user.

Agent_auditcontents.png

  • Created - This column displays date and time of action performed by the user.

2. File Logs

Click on the “File Logs” link. It will navigate to Agent File Logs page which contains File Name in text file format, Created date and time and Contents of the log. Click on the “Get Log File” to view the log file contents.
LogFiles.png
Log file shows the complete information of the actions performed step by step in the agent i.e. Date and time, Operation performed, Cluster Name, Server IP, AgentID, AgentJobScheduleId, AgentRunHistoryId, Input Parameters (if any), LogLevel, IsWindowless, RateLimitID, RunId, SessionId, ServerTime, AgentStartTime and Status Message.

Filelogs_content.png

Here’s a tabular format which describes audit log storage based on actions performed by the user or by the automated system.

Actions Stored in File Stored in database
Start agent on cluster Yes  
Restart run   Yes
Retry run   Yes
Stop run   Yes
Run Job Yes  
Add job schedule   Yes
Update job schedule   Yes
Delete job schedule   Yes
Start job schedule Yes  
Start job schedule (Manually Through UI)   Yes
Disable job schedule Yes  
Enable job schedule Yes  
Set status for latest job run Yes  
Add agent input data   Yes
Update agent input data   Yes
Upload agent input files   Yes
Delete agent input file   Yes
Disable agent input file Yes  
Enable agent input file Yes  
Agent moved from one to another directory (Same recording is in Agent audit trail window)   Yes
Change the Directory name   Yes
Add agent in to the Directory   Yes
Version updated to the agent (Same recording is in Agent audit trail window)   Yes
Adding or deleting sub directory   Yes
Deleting sub directory   Yes
Add Rate Limit Yes  
Update Rate Limit Yes  
Reset load counter Yes  
Delete Rate Limit Yes  
New User Created   Yes
Role privileges added   Yes
Disable the User   Yes
Enable the User   Yes
Update the user detail   Yes
Change the user password   Yes
Generate API access key   Yes
Delete the user   Yes
Recover the User   Yes

 

Directory Audit Trial

In order to access the Directory Audit Trail, navigate to Directory -> Directory Audit Trial on Agent repository page. For Sub-directories click on the context menu of the selected directory.

directory_audit.png

Sub-directory_AuditLog.png

Both audit logs display the same page which includes the detail of user’s and operations performed by them. Audit trail contains these fields: User Name, Operations, Description, Contents, and Created. Please check above for details of these fields.

Directory_audittrail.png

Raw Data provides information related to DirectoryId, Name,NameOnServer, Description, Environment, ParentID, Parent, DefaultConsumerUserAccount, IsGeneratedJobFailureTickets, JobRunHistoryRetentionPeriod, TicketRetentionPeriod, DefaultAgentLogLevel, IsLogAgentAndApiActivity, HighResourceUsageAction.

Directory_auditcontents.png

User Audit Log

Navigate to Organization -> Users which displays User Page, Click on the “Audit Logs” from the context menu of the selected user. 

User_audit.png

This page contains User Name, operations, Description, Contents, Created details.

UserAudit_contents.png

Raw data of the User Audit log page consists of UserAccountId, UserName, FullName, Email, DirectoryId, IsAccessAllSubDirectories, IsDeleted, IsDisabled.

UserLog_contents.png

Please note that Audit logs of User can only be viewed with Admin and Super Admin privileges.

Organization Audit Log

Navigate to Organizations -> Organizations page. Organizations page has the details like Organization name, Rate Limit Required, and Created.

Click on the Context Menu to access the Audit logs of any organization.

Organization_audit.png

Organization Audit trial page contains information regarding User Name, Operations, Description, Contents, and Created.

Organization_audittrail.png

Raw data shows the details as per the operations or actions made by the user. For example an update made in Rate Limit includes different parameters like RateLimitId, Name, IsLoadLimitEnabled, IsSessionLimitEnabled, IsDomainFilterRegex, IsSuccessOnLimit, IsGenerateTicketOnLimit, IsGlobal, IsAllAgents, DomainFilter, LoadLimit, LoadCounter, LoadCounterStartTime, SessionLimit.

Organization_auditcontents.png

Please note that Audit logs of Organizations can only be viewed with Super Admin privilege.

 

 

 

 

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.