Difference between revisions of "Audit Log"

From AgileApps Support Wiki
imported>Aeric
Β 
Β 
(50 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[File:Auditlog-shoes.gif|right|thumb]]Audit logs display a full history of actions in the platform. Audit Log tracks the following actions by default:
'''[[File:GearIcon.png]] > Administration > Monitoring > Audit Log'''
*All changes to data (additions, modifications and deletions)
*Customizations to the platform


:Optionally, an [[#Enhanced Security Audit|Enhanced Security Audit]] can be enabled, which increase the audit scope, which logs these additional actions:
Audit logs display a full history of actions in the platform.
:*All record access attempts
:*Unsuccessful or unauthorized access attempts


==About the Audit Log==
The Audit Log tracks the following actions:
:* All changes to data (additions, modifications and deletions)
:* All customizations to the platform, including
::* Changes to [[Access Controls]]
::* Changes in [[User]] assignments
::* Changes to [[Object]] configurations
::* Changes to [[Classes]] and JSP [[Pages]]<br>and so on...
===Web Service Executions===
When [[Web Services]] are integrated into an application, the Audit Log contains the following:
:* All Web Service execution failures
:* Successful executions of any Web Services that have the Debug flag set in the [[Web_Services_Integration#Configure_Service_Parameters|Service Parameters]]
In each case, you click ''View Details''' on the audit log entry to see the request including the URL, header parameters, and input parameters. Output parameters are also displayed and, in the case of an error, a stack trace.
===Enhanced Security Audit===
Optionally, an [[#Enhanced Security Setting|Enhanced Security]] can be enabled, increasing the audit scope to log:
:* All record access attempts
:* Unsuccessful or unauthorized access attempts
[[ISV]]s also have a [[Global Audit Log]] they can use to track information from all tenants.
==Working with the Audit Log==
{{permission|
{{permission|
*Users in [[Roles]] with the ''[[Manage Audit Log]]'' permission rights enabled can:
:*Users with the ''[[Manage Audit Log]]'' permission enabled can:
:*See the Audit Log link displayed in the [[Settings]] area
::*See the Audit Log link displayed in the navigation pane
:*View records in the [[Audit Log]] owned by the user's team(s) (including secondary team(s)
::*View records in the [[Audit Log]] owned by the user's team(s) (including secondary team(s)
:*View records in the [[Audit Log]] in any child team of the user's team(s) Β 
::*View records in the [[Audit Log]] for any child team of the user's team(s) Β 
*Users in [[Roles]] with ''[[Customize Objects]]'' permission rights enabled can [[#Create an Audit Log View|Create an Audit Log View]], [[#Search an Audit Log|Search an Audit Log]] and create [[Field Audit Log]]s}} Β 
:*Users with [[Customize Objects permission]] can create [[Field Audit Log]]s}} Β 


== View an Audit Log==
=== View an Audit Log===
#Click '''Settings > Administration > Audit Logs'''. The Audit Logs page opens and displays a log of activities by user. Β 
#Click '''[[File:GearIcon.png]] > Administration > Monitoring > Audit Log'''.<br>The Audit Log page opens and displays a log of activities by user.<br>These fields are displayed in the Audit Log: Β 
#:The default view is All Audit Logs, but you can select another view (if one is available) or create a new view.
#:
#:These fields are displayed in the Audit Log: Β 
#:* Activity Date
#:* Activity Date
#:*Description
#:*Description
#:*Object
#:*Object
#:*User
#:*User
#Click the Next links to view additional log pages.
#Click the ''Next'' link to view additional log pages.
#To change the sort order, double-click a column heading to view activities by the reverse sort order for that column.
#To change the sort order, click a column heading.


==Create an Audit Log View==
'''Viewing Entries:'''
:* For additional information on a Web Service entry, click the '''View Details''' link that accompanies it.
:* Long entries are truncated. Click '''Show more''' to expand one. Click '''Show less''' to collapse it again.
Β 
===Create an Audit Log View===
To create a new view of user activities:
To create a new view of user activities:
#Click '''Settings > Administration > Audit Logs'''. The Audit Logs page opens and displays a log of activities by user. Β 
#Click '''[[File:GearIcon.png]] > Administration > Monitoring > Audit Log'''.<br>The Audit Log page opens and displays a log of activities by user. Β 
# Click the View Icon, and select Add View from the drop-down list. The Create Audit Logs View page opens. The default setting includes the four columns available for the log view: User, Activity Date, Object, and Description.
# Click the View Icon, and select New View from the drop-down list.<br>The Create Audit Log View page opens. The default setting includes the four columns available for the log view: User, Activity Date, Object, and Description.
#*To remove any of the default columns from the new view, select the column name in the Selected Columns list, and click the left-arrow button .
#:*To remove any of the default columns from the new view, select the column name in the Selected Columns list, and click the left-arrow button .
#*If there are entries in the Available Columns list that you want to include in the new view, select them and click the right-arrow button .
#:*If there are entries in the Available Columns list that you want to include in the new view, select them and click the right-arrow button .
#Rearrange the Selected Columns, as necessary, by clicking the up and down arrow buttons.
#Rearrange the Selected Columns, as necessary, by clicking the up and down arrow buttons.
#Select the column by which you want to First Sort By, then the Sort Order.
#Select the column by which you want to First Sort By, then the Sort Order.
#Choose a second sort criteria and sort order, if desired.
#Choose a second sort criteria and sort order, if desired.
#Select the Visibility option you want to apply to this view.
#Select the Visibility option you want to apply to this view:
#;Visible Only to Me:The view appears only in your own View list.
#:;Visible Only to Me:The view appears only in your own View list.
#;Visible to Everyone:The view appears in the View list for all users in your company.
#:;Visible to Everyone:The view appears in the View list for all users in your company.
#;Visible to Specific Users:The view appears in the View list only for the users you select. When you select this option, a text box and Lookup button appear. Click the button and select the users you want to have access to this view. You can remove users by clicking the Remove button .
#:;Visible to Specific Users:The view appears in the View list only for the users you select. When you select this option, a text box and Lookup button appear. Click the button and select the users you want to have access to this view. You can remove users by clicking the Remove button .
#;Visible to Specific Roles:The view appears in the View list only for users with roles that you specify. Click the Lookup button to select the roles you want to have access to this view. You can remove roles by clicking the Remove button.
#:;Visible to Specific Roles:The view appears in the View list only for users with roles that you specify. Click the Lookup button to select the roles you want to have access to this view. You can remove roles by clicking the Remove button.
#;Visible to Specific Teams:The view appears in the View list only for users that belong to teams that you specify. Click the Lookup button to select the teams you want to have access to this view. You can remove teams by clicking the Remove button.
#:;Visible to Specific Teams:The view appears in the View list only for users that belong to teams that you specify. Click the Lookup button to select the teams you want to have access to this view. You can remove teams by clicking the Remove button.
#Click Preview to see the new view.
#Click '''[Preview]''' to see the new view.
#Click Save to save the view without setting up filters, enter a View Name, and click Save As. OR
#Click '''[Save]''' to save the view without setting up filters<br>-OR-<br>Enter a View Name, and click '''[Save As]'''<br>-OR-<br>
#Click the Filter tab to complete the new custom log view, and save your changes. Β 
#Click the Filter tab to complete the new custom log view, and save your changes. Β 


:See [[Views]] for more information.
:See [[Views]] for more information.


==Search an Audit Log==
===Filter the Audit Log===
Find activity history (Audit Log):
Find activity history (Audit Log):
#Click '''Settings > Administration > Audit Logs'''. The Audit Log page opens and displays a log of activities.
#Click '''[[File:GearIcon.png]] > Administration > Monitoring > Audit Log'''.<br>The Audit Log page opens and displays a list of activity records. like this one:
#To Search for records, Click the [[View Icon]] and select Filter this View. For more information on how to find records in views, see [[Views]].
#:[[File:AuditLog.png]]
#Use the Filter icon [[File:DoubleDownIcon.png]] to determine which records are listed:
#:''Learn more:'' [[Views]]


==Enhanced Security Audit==
===Enhanced Security Setting===


#Click '''Settings > Administration > Company Information > Edit'''
#Click '''[[File:GearIcon.png]] > Administration > Company Information > Edit'''
#In the Log All Access Settings section, choose the preferred log options:
#In the Logging All Access Settings section, choose the preferred log options:
#:;Log all record access:If enabled, any record access, including search, is logged
#:;Log All Record Access:If enabled, any record access, including search, is logged
#:::* [[Object]] record access
#:::* [[Object]] record access
#:::* [[Object]] tab access
#:::* [[Object]] tab access
Line 62: Line 85:
#:::* Any View access or updates
#:::* Any View access or updates
#:::* Any Report executed from the Report tabs
#:::* Any Report executed from the Report tabs
#:;Log all access violations:If enabled, any access violation is logged
#:;Log All Access Violations:If enabled, any access violation is logged
#:::* Most access violations occur when a user attempts to access an element in the platform, but does not have the appropriate permission rights, and so an error message is triggered; Some examples are: You do not have the permission to access this record, Invalid access, You do not have permission for this operation
#:::* Most access violations occur when a user attempts to access an element in the platform, but does not have the appropriate permission, and so an error message is triggered; Some examples are: You do not have the permission to access this record, Invalid access, You do not have permission for this operation


==Delete an Audit Log==
===Delete an Audit Log===
Records in an Audit Log can be deleted using the [[Mass Delete Data]] feature.
Records in an Audit Log can be deleted using the [[Mass Delete Data]] feature.
===Auto-Purge the Audit Log===
{{DISPLAYTITLE:Auto-Purge Audit Logs}}This option provides the ability to configure an automatic data purge of the [[Audit Log]], based on some number of days. All audit log entries older than the specified number days are purged automatically.
{{permissions|Manage Audit Log| configure auto-purge settings}}
When the auto-purge option is specified, for example with a retention period of 10 days, then any record in the Audit Log that is more than 10 days old is ''permanently deleted''. The auto-purge action may not happen immediately, but the purge action is scheduled every day.Β 
;Considerations:
:*In a purge action, the audit log entries are deleted permanently and cannot be restored
:*The auto-purge action bypasses any [[Recycle Bin]] restore option
:*By default, auto-purge is disabled
To configure Auto-Purge for Audit Log records:
#Click '''[[File:GearIcon.png]] > Administration > Monitoring > Audit Logs'''
#Click the '''[Retention Period]''' button
#Specify the number of days to retain the Audit Log entries
#:The number of days must be a positive number, greater than zero
#:If the number of days is equal to zero, Auto-Purge is disabled
#:;Field label: Retention Period (Days)
# Click '''[Save]'''
The [[Audit Log]] includes a log of any actions related to Auto-purge settings.


==Learn More==
==Learn More==
:* [[Reference_documentation_for_Audit_Log_fields|Audit Log fields]]
:* [[Audit Log Fields]]
Β 
:* [[Global Audit Log]]
[[Category:Administration| 8]]
[[Category:Glossary]]

Latest revision as of 12:26, 15 June 2023

GearIcon.png > Administration > Monitoring > Audit Log

Audit logs display a full history of actions in the platform.

About the Audit Log

The Audit Log tracks the following actions:

  • All changes to data (additions, modifications and deletions)
  • All customizations to the platform, including

Web Service Executions

When Web Services are integrated into an application, the Audit Log contains the following:

  • All Web Service execution failures
  • Successful executions of any Web Services that have the Debug flag set in the Service Parameters

In each case, you click View Details' on the audit log entry to see the request including the URL, header parameters, and input parameters. Output parameters are also displayed and, in the case of an error, a stack trace.

Enhanced Security Audit

Optionally, an Enhanced Security can be enabled, increasing the audit scope to log:

  • All record access attempts
  • Unsuccessful or unauthorized access attempts

ISVs also have a Global Audit Log they can use to track information from all tenants.

Working with the Audit Log

Lock-tiny.gif

  • See the Audit Log link displayed in the navigation pane
  • View records in the Audit Log owned by the user's team(s) (including secondary team(s)
  • View records in the Audit Log for any child team of the user's team(s)

View an Audit Log

  1. Click GearIcon.png > Administration > Monitoring > Audit Log.
    The Audit Log page opens and displays a log of activities by user.
    These fields are displayed in the Audit Log:
    • Activity Date
    • Description
    • Object
    • User
  2. Click the Next link to view additional log pages.
  3. To change the sort order, click a column heading.

Viewing Entries:

  • For additional information on a Web Service entry, click the View Details link that accompanies it.
  • Long entries are truncated. Click Show more to expand one. Click Show less to collapse it again.

Create an Audit Log View

To create a new view of user activities:

  1. Click GearIcon.png > Administration > Monitoring > Audit Log.
    The Audit Log page opens and displays a log of activities by user.
  2. Click the View Icon, and select New View from the drop-down list.
    The Create Audit Log View page opens. The default setting includes the four columns available for the log view: User, Activity Date, Object, and Description.
    • To remove any of the default columns from the new view, select the column name in the Selected Columns list, and click the left-arrow button .
    • If there are entries in the Available Columns list that you want to include in the new view, select them and click the right-arrow button .
  3. Rearrange the Selected Columns, as necessary, by clicking the up and down arrow buttons.
  4. Select the column by which you want to First Sort By, then the Sort Order.
  5. Choose a second sort criteria and sort order, if desired.
  6. Select the Visibility option you want to apply to this view:
    Visible Only to Me
    The view appears only in your own View list.
    Visible to Everyone
    The view appears in the View list for all users in your company.
    Visible to Specific Users
    The view appears in the View list only for the users you select. When you select this option, a text box and Lookup button appear. Click the button and select the users you want to have access to this view. You can remove users by clicking the Remove button .
    Visible to Specific Roles
    The view appears in the View list only for users with roles that you specify. Click the Lookup button to select the roles you want to have access to this view. You can remove roles by clicking the Remove button.
    Visible to Specific Teams
    The view appears in the View list only for users that belong to teams that you specify. Click the Lookup button to select the teams you want to have access to this view. You can remove teams by clicking the Remove button.
  7. Click [Preview] to see the new view.
  8. Click [Save] to save the view without setting up filters
    -OR-
    Enter a View Name, and click [Save As]
    -OR-
  9. Click the Filter tab to complete the new custom log view, and save your changes.
See Views for more information.

Filter the Audit Log

Find activity history (Audit Log):

  1. Click GearIcon.png > Administration > Monitoring > Audit Log.
    The Audit Log page opens and displays a list of activity records. like this one:
    AuditLog.png
  2. Use the Filter icon DoubleDownIcon.png to determine which records are listed:
    Learn more: Views

Enhanced Security Setting

  1. Click GearIcon.png > Administration > Company Information > Edit
  2. In the Logging All Access Settings section, choose the preferred log options:
    Log All Record Access
    If enabled, any record access, including search, is logged
    • Object record access
    • Object tab access
    • Search or Advanced search
    • Any View access or updates
    • Any Report executed from the Report tabs
    Log All Access Violations
    If enabled, any access violation is logged
    • Most access violations occur when a user attempts to access an element in the platform, but does not have the appropriate permission, and so an error message is triggered; Some examples are: You do not have the permission to access this record, Invalid access, You do not have permission for this operation

Delete an Audit Log

Records in an Audit Log can be deleted using the Mass Delete Data feature.

Auto-Purge the Audit Log

This option provides the ability to configure an automatic data purge of the Audit Log, based on some number of days. All audit log entries older than the specified number days are purged automatically.

Lock-tiny.gif

Users that have the Manage Audit Log permission can configure auto-purge settings 

When the auto-purge option is specified, for example with a retention period of 10 days, then any record in the Audit Log that is more than 10 days old is permanently deleted. The auto-purge action may not happen immediately, but the purge action is scheduled every day.

Considerations
  • In a purge action, the audit log entries are deleted permanently and cannot be restored
  • The auto-purge action bypasses any Recycle Bin restore option
  • By default, auto-purge is disabled

To configure Auto-Purge for Audit Log records:

  1. Click GearIcon.png > Administration > Monitoring > Audit Logs
  2. Click the [Retention Period] button
  3. Specify the number of days to retain the Audit Log entries
    The number of days must be a positive number, greater than zero
    If the number of days is equal to zero, Auto-Purge is disabled
    Field label
    Retention Period (Days)
  4. Click [Save]

The Audit Log includes a log of any actions related to Auto-purge settings.

Learn More