Setting up Auditing
RDM allows auditing user actions in the web application and logging them to a text file.
Prerequisite
Before setting up auditing, ensure Auditing is enabled in App Variables.
 
Auditing node
Auditing in configured in the Auditing node with the following configuration fields:
| Name | Required | Description | 
|---|---|---|
| File | Y | Logging file name pattern. Both absolute and relative paths can be used (the path is relative to the folder from which the web server is started). The following special characters can be used in the file name pattern: 
 | 
| File Size Limit | Y | The maximum file size in bytes before the log is rotated. | 
| Number of files | Y | Total number of log files to keep. | 
| Append | N | If set to  | 
| Data read | N | A user opens a table or record details, refreshes table contents by applying a filter, and so on. | 
| Data modification | N | A user creates, edits, deletes, sends to publish, or publishes a record. | 
| Data export | N | A user exports data (bulk export or dump). | 
| Security modification | N | Permissions are changed. | 
| Workflow action | N | A record goes through a workflow state. | 
| System event | N | User login or logout. | 
See also Full list of auditable actions.
Full list of auditable actions
Data read
| Action code | Description | 
|---|---|
| READ_TABLES_CHANGES | A user reads the Change Log. | 
| READ_ENTITY_DESCRIPTION | A user selects the Description option. | 
| FIND_ROWS | A user opens a table. | 
| FIND_ROW_DETAIL | A user opens record details. | 
/* action logged when a user opens a table to see the content of the table (the same information is logged whenever user refreshes the content of the table, e.g., applies a filter, etc.): */
Aug 24, 2015 5:06:28 PM [Data read][FIND_ROWS]
INFO: {"ATTRIBUTES":{"Filter":{},"Count":30,"Offset":0,"EntityName":"PRODUCTS"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"FIND_ROWS","DATE":"Mon Aug 24 17:06:28 CEST 2015","TYPE":"Data read","USER":"alice"}
/* action logged when a user clicks on the "Description" link */
Aug 24, 2015 5:06:27 PM [Data read][READ_ENTITY_DESCRIPTION]
INFO: {"ATTRIBUTES":{"EntityName":"PRODUCTS"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"READ_ENTITY_DESCRIPTION","DATE":"Mon Aug 24 17:06:27 CEST 2015","TYPE":"Data read","USER":"alice"}
/*action logged when a user opens a record detail */
Aug 24, 2015 5:19:54 PM [Data read][FIND_ROW_DETAIL]
INFO: {"ATTRIBUTES":{"RowId":2,"EntityName":"PRODUCTS"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"FIND_ROW_DETAIL","DATE":"Mon Aug 24 17:19:54 CEST 2015","TYPE":"Data read","USER":"alice"}Data modification
| Action code | Description | 
|---|---|
| MODIFY_TABLES_REJECT_ROWS | A user rejects record publishing. | 
| MODIFY_MOVE_WORKFLOW_EXPIRED_ROWS | A record moves to a different workflow state after staying untouched for longer than the configured maximum number of days. | 
| MODIFY_IMPORT_TABLES | A user imports data via Load from dump. | 
| MODIFY_TABLES_CONFIRM_ROWS | A user publishes changes to a record. | 
| MODIFY_RETURN_TO_EDIT | A user selects Return to edit on a record with unpublished changes. | 
| MODIFY_MOVE_TO_CONFIRMATION | A user selects Move to publish on a record with unpublished changes. | 
| MODIFY_DELETE_ROWS | A user deletes a record. | 
| MODIFY_UNDO | A user selects Undo on a record with unpublished changes. | 
| MODIFY_CREATE_ROW | A user creates a record. | 
| MODIFY_EDIT_ROW | A user edits a record. | 
| IMPORT_DATA | A user imports data via Bulk Import or an import plan using the RDM Importer step. | 
/* action logged when a user edits a record */
Aug 24, 2015 5:26:12 PM [Data modification][MODIFY_EDIT_ROW]
INFO: {"ATTRIBUTES":{"Recursive":false,"RowId":2,"EntityName":"PRODUCT_TYPE"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"MODIFY_EDIT_ROW","DATE":"Mon Aug 24 17:26:12 CEST 2015","TYPE":"Data modification","USER":"alice"}
/* action logged when a user clicks Undo (e.g., after editing a record) */
Aug 24, 2015 5:22:47 PM [Data modification][MODIFY_UNDO]
INFO: {"ATTRIBUTES":{"Filter":{"IDS_IN":"(7)"},"EntityName":"PRODUCT_TYPE"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"MODIFY_UNDO","DATE":"Mon Aug 24 17:22:47 CEST 2015","TYPE":"Data modification","USER":"alice"}
/* action logged when a user moves a record into the confirmation state (moves to publish) */
Aug 24, 2015 5:24:47 PM [Data modification][MODIFY_MOVE_TO_CONFIRMATION]
INFO: {"ATTRIBUTES":{"Filter":{"IDS_IN":"(3)"},"EntityName":"PRODUCT_TYPE"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"MODIFY_MOVE_TO_CONFIRMATION","DATE":"Mon Aug 24 17:24:47 CEST 2015","TYPE":"Data modification","USER":"alice"}Data export
| Action code | Description | 
|---|---|
| EXPORT_TAGS | A user creates a dump. | 
| EXPORT_ENTITY | A user exports table data via Bulk Export. | 
| RDM_SYNCHRONIZE_EXPORT | A synchronization plan is run. | 
/* action logged when a user exports data from a table */
Aug 24, 2015 5:21:09 PM [Data export][EXPORT_ENTITY]
INFO: {"ATTRIBUTES":{"Filter":{},"ExportType":"LABELS","EntityName":"PRODUCTS"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"EXPORT_ENTITY","DATE":"Mon Aug 24 17:21:09 CEST 2015","TYPE":"Data export","USER":"alice"}Security modification
| Action code | Description | 
|---|---|
| SEC_DELETE_ROLES | A role is deleted. | 
| SEC_CREATE_ROLE | A role is created. | 
| SEC_ASSIGN_ROLES_TO_USER | A role is assigned to a user. | 
| SEC_REMOVE_ROLES_FROM_USER | A role is removed from a user. | 
| SEC_ASSIGN_ROLE_TO_ENTITY | A role is given permissions on a table. | 
| SEC_REMOVE_ROLE_FROM_ENTITY | A role has table permissions removed. | 
| SEC_ASSIGN_ROLE_TO_COLUMN | A role is given permissions on a column. | 
| SEC_REMOVE_ROLE_FROM_COLUMN | A role has column permissions removed. | 
/* logged when a user assigns view (read only) permission to role RDM_ADMIN on table PRODUCT_TYPE */
Aug 24, 2015 5:27:53 PM [Security modification][SEC_ASSIGN_ROLE_TO_ENTITY]
INFO: {"ATTRIBUTES":{"RoleType":"V","Role":["RDM_ADMIN"],"EntityName":"PRODUCT_TYPE"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"SEC_ASSIGN_ROLE_TO_ENTITY","DATE":"Mon Aug 24 17:27:53 CEST 2015","TYPE":"Security modification","USER":"alice"}
/* logged when a user assigns view(read only) permission to role RDM_ADMIN on column DESCRIPTION on table PRODUCT_TYPE */
Aug 24, 2015 5:28:05 PM [Security modification][SEC_ASSIGN_ROLE_TO_COLUMN]
INFO: {"ATTRIBUTES":{"Columns":["DESCRIPTION"],"RoleType":"V","Role":"RDM_ADMIN","EntityName":"PRODUCT_TYPE"},"REMOTE_ADDR":"172.16.10.116","OPERATION":"SEC_ASSIGN_ROLE_TO_COLUMN","DATE":"Mon Aug 24 17:32:41 CEST 2015","TYPE":"Security modification","USER":"alice"}Workflow action
| Action code | Description | 
|---|---|
| WF_STATE_CHANGE | A record is moved to a different workflow state. | 
/* logged when a user moves a record within a workflow */
Aug 25, 2015 9:14:18 AM [Workflow action][WF_STATE_CHANGE]
INFO: {"ATTRIBUTES":{"WfAction":"APPROVE","WfSystemFields":{"load_from":"2015-05-25 00:00:00.0","dwh_column":"true"},"Comment":{},"RowId":196,"EntityName":"BRANCH"},"REMOTE_ADDR":"127.0.0.1","OPERATION":"WF_STATE_CHANGE","DATE":"Tue Aug 25 09:14:18 CEST 2015","TYPE":"Workflow action","USER":"alice"}System event
| Action code | Description | 
|---|---|
| USER_LOGON | A user logs in. | 
| USER_LOGOUT | A user logs out. | 
/* logged when a user is logged in */
Aug 24, 2015 5:02:22 PM [System event][USER_LOGON]
INFO: {"REMOTE_ADDR":"172.16.10.116","OPERATION":"USER_LOGON","DATE":"Mon Aug 24 17:02:22 CEST 2015","TYPE":"System event","USER":"alice"}
/* logged when the user logged out */
Aug 24, 2015 5:05:43 PM [System event][USER_LOGOUT]
INFO: {"REMOTE_ADDR":"172.16.10.116","OPERATION":"USER_LOGOUT","DATE":"Mon Aug 24 17:05:43 CEST 2015","TYPE":"System event","USER":"alice"}Was this page useful?
