Audit Log
This feature is currently available in Beta.
This article describes the OLD version of the Audit log. This version is still active on our shared instance. If you are using the private or exclusive instance, please refer to the New Audit log article.
Audit logging offers chronological records of user activity in the Bloomreach Engagement application, including information about a user and a detailed overview of the actions performed by that user. Audit logging provides proof of GDPR compliance and operational integrity, and it can also serve as a source of information for audit investigations. Moreover, it allows you to identify the origin of any security incident.
The access to the Audit Log is restricted, and only authorized users can search, filter, or download logs for a specific time period. Audit log records will contain logs that include interaction with the application and with customer accounts.
While the Audit log is operational in all instances, access to log reports is only available on Private and Exclusive instances. If you want to use these features, contact your CSM.
Audit log at the account level
The audit log at the account level tracks all activities for a specific account. When you have several projects under one account, all their activities are aggregated into this audit log. Every activity is linked to the user/API that performed it. For each user/API, we track the properties described below:
Property | Description | Data type | Example |
---|---|---|---|
subject_type | Type of access used (existing user or API access) | string | existing_user/api_token |
subject_identifier | Username (usually email) used during login | string | [email protected] |
subject_remote_addr | IP address of the user/API when it triggered the action | string | 32.68.182.60 |
resource_project_id | Project token where the user/API triggered the action | string | a2a36816-c025 |
resource_account_id | Account ID where the user/API triggered the action | string | a2a36816-c025 |
subject_provider | The authentication provider that was used during login | string | |
resource_project_slug | Page slug of the resource project | string | /media_project |
resource_identifier (optional) | ID changed as a result of the action made. | string | ID of the original campaign. |
resource_query (optional) | Query made. | string | Customer filter used during the deletion of customers. |
resource_snapshot (optional) | The status of the campaign at the time of the action. | string | Running |
resource_before/after_status (optional) | How the status of the campaign changed as a result of the action. | string | Running/stopped |
Property | Description | Data type | Example |
---|---|---|---|
subject_user_id (for existing user) | UUID of a user | string | a2a36816-c025 |
subject_access_group_id (for API access) | UUID of a group | string | a2a36816-c025 |
subject_access_key (for API access) | Access key | string | Key123 |
subject_permissions (for API access) | Permission for the given API token | string | |
The user's/API's activities trigger an audit event. Attributes of the audit event provide more details for the audit log:
resource_type describes the location/part of the application where the activity was triggered
action_type describes the action for the resource_type
Tracking activities when resource_type = customer
action_type | resource_type | Description |
---|---|---|
create | customer | Create customer from interface |
update | customer | Update customer attributes from interface |
delete | customer | Deletion of a customer from interface. This action also includes bulk deletion of customers. In case of bulk deletion, the attribute object_id stores the link to the file with the filter that was applied to customers during the bulk deletion. |
anonymize | customer | Anonymization of customer from interface |
read | customer | View customer in Bloomreach Engagement CRM. This action also includes bulk download of customers. In case of bulk download, the attribute object_id stores the link to the file with the filter that was applied to customers during the download action. |
Tracking activities when resource_type = {others}
This case covers activities all over the application. The action for these activities is usually one of create, update, or delete. The resource_types provided below are just examples; many more locations are being tracked.
action_type | resource_type | Description |
---|---|---|
create | trend | Trend was created |
update | campaign_design | Campaign was updated |
delete | aggregate | Aggregate was deleted |
Data expiration time period for the audit event is set to 3 years.
Audit log at the instance level
The audit log at the instance level tracks all activities that don't belong to any account/project, such as the actions login/logout. On the instance level, under the event access, the audit log tracks all customers who logged in/logged out.
action_type | action_success | Description |
---|---|---|
login | false/true | The user was/was not logged in |
logout | false/true | The user was/was not logged out |
The project for looking into the instance-level audit log is named Audit Log - Instance. An example of this would be https://app.exponea.com/p/audit-log-instance1/crm/customers/pages/1.
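An added example, not part of the Bloomreach documentation: a triage pass over exported audit events that picks out the bulk customer read/delete actions and the repeated failed logins described in the sections above. The JSON Lines layout, the timestamp key, the boolean type of action_success, and all sample values are assumptions; the remaining keys are the properties documented on this page.

```python
import json
from collections import Counter

# Constructed sample export, one JSON object per line (assumed layout).
# "timestamp" is a hypothetical key; the other keys are documented properties.
SAMPLE = """\
{"timestamp": 1, "subject_identifier": "analyst@example.com", "subject_remote_addr": "198.51.100.7", "resource_type": "customer", "action_type": "read"}
{"timestamp": 2, "subject_identifier": "analyst@example.com", "subject_remote_addr": "198.51.100.7", "resource_type": "customer", "action_type": "read", "object_id": "constructed/filter-001"}
{"timestamp": 3, "subject_identifier": "analyst@example.com", "subject_remote_addr": "198.51.100.7", "resource_type": "customer", "action_type": "delete", "object_id": "constructed/filter-002"}
{"timestamp": 4, "subject_identifier": "analyst@example.com", "subject_remote_addr": "198.51.100.7", "resource_type": "campaign_design", "action_type": "update"}
{"timestamp": 5, "subject_identifier": "admin@example.com", "subject_remote_addr": "203.0.113.9", "action_type": "login", "action_success": false}
{"timestamp": 6, "subject_identifier": "admin@example.com", "subject_remote_addr": "203.0.113.9", "action_type": "login", "action_success": false}
{"timestamp": 7, "subject_identifier": "admin@example.com", "subject_remote_addr": "203.0.113.9", "action_type": "login", "action_success": false}
{"timestamp": 8, "subject_identifier": "admin@example.com", "subject_remote_addr": "203.0.113.9", "action_type": "login", "action_success": true}
{"timestamp": 9, "subject_identifier": "analyst@example.com", "subject_remote_addr": "198.51.100.7", "action_type": "login", "action_success": false}
"""


def parse(text):
    """Parse a JSON Lines export into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def bulk_customer_actions(events):
    """Customer read/delete events that carry object_id, i.e. the link to the
    filter file that the page says is stored for bulk download/deletion."""
    return [e for e in events
            if e.get("resource_type") == "customer"
            and e.get("action_type") in ("read", "delete")
            and e.get("object_id")]


def failed_logins(events, threshold=3):
    """(subject_identifier, subject_remote_addr) pairs with at least
    `threshold` instance-level login events where action_success is false."""
    counts = Counter(
        (e.get("subject_identifier"), e.get("subject_remote_addr"))
        for e in events
        if e.get("action_type") == "login" and e.get("action_success") is False)
    return {pair: n for pair, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    events = parse(SAMPLE)
    for e in bulk_customer_actions(events):
        print("bulk", e["action_type"], e["subject_identifier"], e["object_id"])
    for (user, addr), n in failed_logins(events).items():
        print("failed logins", user, addr, n)
```

The threshold of three failed logins is an arbitrary starting point; tune it to the login volume of the instance.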
Updated about 1 year ago