Audit Logs
Tracking your workgroup usage & events
Last updated
Was this helpful?
Tracking your workgroup usage & events
Last updated
Was this helpful?
Audit logs are provided to you as a means to track key events and user usage generated within your workgroup in the Ardexa Web App . Example events captured include by whom and when; a file is sent to your device, or a device was moved to another workgroup, when a user logged-in, or when a device was renamed.
A detailed breakdown of audited events is provided below.
NOTE: Records captured in the audit_logs
table are kept indefinitely.
Access to view this data is dependent on your workgroup and your role within that workgroup:
User role(s) of type:
owner
are able view the audit_logs
table to conduct searches
Anyone with the read audit logs
permission.
All other role types do not have access to this data.
Under the [SEARCHES]
tab, select the audit_logs
table to begin building your search against this data.
There are a number of fields associated with the audit trail, as discussed in the sections below. This image shows the common user actions that are logged, and how to search for them in the audit traill. The "action", "controller", "attribute", "new value" and "old value" refer to the fields in the audit trial. Please be aware that all the actions below have the "user_id" field populated by the user that made the change. Also, the "status" field will indicate the success or failure of the command.
The audit_logs table works like any other search. You can build filters and show the columns relevant to your needs. To understand how you might go about reading this data, provided here, are the most important fields and their description:
Field
Always?
Description
EVENT_TIME
Y
When the event was recorded.
CONTROLLER
Y
The component inside the Ardexa Web App that recorded and applied the event against the ENTITY
.
DEVICE
N
The device that the event was related, if the event was actually related to a device.
ENTITY
Y
The unit or something that was worked upon. Examples might be: device
, user
, workgroup,
ACTION
Y
The simple description of the event. Examples might be:
get
, update
, send
, run
, login
, move
ATTRIBUTE
N
A simple description of the attribute that was affected by the action
OLD_VALUE
N
If a prior value of the attribute is relevant and available for the action being applied then it will be captured here.
NEW_VALUE
N
Specifics for the audit event are captured here. For example: new attribute values, files names, descriptors of the event
STATUS
N
Reports if the attempted action was success
or failed
.For example some events are thrown-out due to permission limitations but there is still a need to know it was attempted, eg deleting the audit_log
table.
WORKGROUP_ID
Y
The user's workgroup that the was active when the user triggered the event.
USER_ID
Y
The user's details that triggered the event.
No.
The audit_log
table is among a number of system tables that can never be deleted.
Any attempt to delete a table or an index, the audit_log
table itself included, whether it succeeds or fails, is recorded as an entry in the audit_log table. This can be viewed through your searches on the audit_log
table.