AX1490

Viewing the audit log

Axiom Software keeps an audit log of important activities performed in the system, so that you can see what was done in the system, when it was done, and by whom. The types of activities that are logged include:

  • Document access
  • Refreshing a file
  • Data saves via various system features
  • Execution of key utilities such as Process Plan Files
  • Scheduler job processing
  • Changes to key system components such as security, file groups, and tables

The audit log is only accessible by administrators and users with the Browse Audit History security permission.

To view the audit log in the Desktop Client:

  • From the Axiom tab, in the Administration group, click Manage > Auditing History.

The audit log is web-based and always opens in the browser (the Web Client), even if it is launched from the Desktop Client.

To view the audit log in the Web Client:

  1. In the Web Client, click the menu icon in the Global Navigation BarThe blue bar across the top of pages in the Web Client. The Global Navigation Bar provides access to system-wide features.. From the Area menu, select System Administration.

  2. From the Navigation panel, select Auditing > Audit Manager.

    Alternatively, you can go directly to the Audit Manager page as follows:

    Example On-Premise URL

    		 

    http://ServerName/Axiom/AuditManager

    Where ServerName is the name of the Axiom Application Server, and Axiom is the default name of the virtual directory.
         

    Example Cloud System URL

    		 

    https://ClientName.axiom.cloud/AuditManager

    Where ClientName is the name of your Axiom Cloud Service system.

Activities view

When using the Activities view, audit data is organized by activity. By default the dialog displays the last 100 activities performed in the system, with the most recent activity listed at the top.

You can filter the activity data using the filter settings at the top of the screen. You can filter by any combination of dates (From and To), by activity type, by user, by document, and by table. For dates, you can click the Today or Yesterday links to automatically set the date filters as appropriate for those days. To clear a filter, click the X button to the right of filter box.

In addition to the information shown in the activity grid, you can get more information as follows:

  • Activity Type: When you select an activity in the list, the summary details for that activity display at the bottom of the screen. You can also click the activity type to be taken to the full details for the activity, including child activities.
  • User Session: Click this item to be taken to the User Session view, filtered by the selected session and showing the activities performed during that session.
  • Children: Click this item to view the child activities for the selected activity. Child activities are activities performed as part of the larger parent activity (such as several individual tasks performed as part of a Scheduler job).

User Sessions view

When using the User Sessions view, audit data is organized by session. By default the dialog displays the last 100 sessions for the system, with the most recent login listed at the top. A user session encapsulates all activity for a user from the time the user logs into the system via a particular client, to the time the user logs out.

You can filter the session data using the filter settings at the top of the screen. You can filter by any combination of dates (From and To), by user, and by client type. For dates, you can click the Today or Yesterday links to automatically set the date filters as appropriate for those days. To clear a filter, click the X button to the right of filter box.

To see the activities performed during a particular user session, click the View link for that session. This will open the Activities view, filtered to show only the activities for the selected session.

NOTES:  

  • The Domain is only noted when the user logs in using Windows User Authentication.
  • The Impersonated By column is used to track when an administrator logs in as another user, using the "Log in as" feature in Security. In this case the user of the session is the "log in as" user, and the "impersonated by" user is the administrator user.

Treatment of Scheduler jobs

Each time the Axiom Scheduler Service executes a job, it creates a new session to perform the tasks of that job. The client type of the session is Scheduler. By default, audit data resulting from Scheduler client sessions is excluded from the Audit Manager results unless you select the check box to Include scheduler clients at the top of the screen. Scheduler sessions are excluded by default due to the frequent execution of system jobs such as the SMTP job—this data can easily fill up the results.

The user of each Scheduler session is the user identity under which the job is being run. Regular jobs will be run as either the owner of the job or the requester (for jobs triggered by event handlers). If the job is a system job, then the job is run with the user name of "Scheduler Service System".

If a user opens the Scheduler dialog and starts a job using the Run Now option, the activity for that job will be logged in a separate Scheduler session, not as part of the user's current session. The user's current session will show activities such as accessing the Scheduler dialog and opening the job, but not executing the job.

Availability of audit data

Audit data is available based on the purge settings configured in your System Data Purge Scheduler job. This job purges audit data as of a specific number of days. For example, if the job is configured to purge data older than 15 days, then you can only view 15 days' worth of audit data in the Audit Manager. For more information, see Purging audit data.