Viewing activity audits in Explore & Present

Viewing activity audits in Explore & Present#

This guide explains how to view and filter the different types of audit logs available in Explore & Present.

Introduction#

Note

This feature is only available to users with WA (Workspace Admin) permissions in your organization’s root workspace. Other users will not be able to see this feature in the Administration menu in Explore & Present. For more information, see Roles and permissions in Explore & Present.

Activity audits display a list of actions performed in Explore & Present, including workspace creation, data downloads, dashboard actions, and user logins.

This guide covers how to access, view and filter the following activity audit types:

Accessing the audits#

To access any of these audits, follow these steps:

  1. Go to the Present page.

  2. In the top left corner, click image1 Select workspace, then image2 Administration.

  3. In the Security section of the administration menu, click any of the following options:

    • Workspace audit logs

    • Login activity audits

    • Dashboard access audits

    • Data download audits

As a result, you are taken to the page for the corresponding audit type. For information about the activity listed in each audit, and how to filter the audits, see the following sections of this guide.

Exporting audit reports#

You can export login activity audits, dashboard access audits and data download audits in CSV format. To do this, in the top-right corner of the selected audit page, click image3 Export to CSV.

Note

You can only export audit reports that contain data. If the audit does not contain any entries, the export option will not be visible.

Workspace audit logs#

Workspace audit logs display information about actions regarding Explore & Present workspaces. These actions include creating, updating and deleting workspaces, as well as user actions, such as moving workspace objects from one user to another.

Workspace audit logs are displayed in a table with the following columns:

Entity

This is the ID of the object involved in the workspace action. Entities are displayed as an ID and a number, for example Client 100.The following entity IDs are used:

  • Company is the ID of the root-level workspace.

  • Hub is the ID of a workspace group.

  • Client is the ID of a workspace.

  • User is the ID of a user.

  • Role is the ID of a role.

Date

This is the date and time on which the workspace action took place.

User

This is the email address of the user who performed the workspace action.

Action

This is the type of action performed on a workspace. This column lists the following action types:

  • Create - a workspace has been created

  • Update - a workspace has been updated

  • Delete - a workspace has been deleted

  • Move - a workspace object has been moved from one user to another

Data

This displays the metadata associated with the workspace action. The data shown depends on the action that has been performed. For example, when a workspace object has been moved from one user to another, the Data column shows the users involved.

Login activity audits#

Login activity audits display information about user login attempts. Login activity audits only track attempts to log in using an email address and password. Attempts to log in using Single Sign-On (SSO) are not tracked.

Login activity audits are displayed in a table with the following columns:

User

This is the email address of the user who made the login attempt.

Date

This is the date and time on which the login attempt took place.

Action

This displays one of two values, depending on whether the user login was successful. The two login values are LOGIN_SUCCESS for successful login attempts, and LOGIN_FAILED for unsuccessful login attempts.

IP

This is the IP address of the user who made the login attempt.

Roles

This lists the roles assigned to the user who made the login attempt.

This displays the role name as roleName, the workspace in which the role is assigned as businessEntity, and the permissions granted by this role as permissions.

For example, this column may contain the value

[roles:[[roleName:MYCOMPANYcompanyadmin, businessEntityId:1.0, businessEntity:MYWORKSPACE, permissions:WA-DASH-EX-IM-TR-PL-MA]]]

which shows that this user is an admin within your organization, they tried to log in to the MYWORKSPACE workspace, and they have the listed permissions.

For more information on user roles, see Changing user permissions.

Dashboard access audits#

Dashboard access audits show a log of users who have visited (accessed) dashboards, and when these visits happened.

Dashboard access audits are displayed in a table with the following columns:

Workspace (ID and name)

This is the ID and name of the workspace in which the dashboard was accessed.

User

This is the name and email address of the user who accessed the dashboard.

Dashboard

This is the name of the dashboard that was accessed and the workspace the dashboard belongs to.

Visit time

This is the date and time on which the dashboard was accessed.

Data download audits#

Data download audits show information about data that has been downloaded from widgets or dashboards.

Data download audits are displayed in a table with the following columns:

Workspace

This is the workspace from which the data was downloaded.

User

This is the email address of the user who downloaded the data.

Date

This is the date and time on which the download took place.

Action

This shows the type of data download. For example, this column may display EXPORT_WIDGET or EXPORT_DASHBOARD.

Object ID

This shows the object from which the data was downloaded.

Filtering audits#

You can filter the information shown for login activity audits, dashboard access audits, and data download audits. You can filter all audit types by user and date range, and you can also filter dashboard access audits by dashboard.

To apply a filter to the audit you are currently viewing, above the table containing the audit information, fill in any of the following fields to set your filter, then click Find.

Filter by user

Enter the name or email address of a user.

You do not need to enter the user’s full name or email address. For example, you can search for Mic to see actions taken by users called Michelle and Michael.

(For dashboard access audits only) Filter by dashboard

Enter the name of a dashboard to see all actions performed for this dashboard.

You do not need to enter the full name of the dashboard. For example, you can search for Campaign to see actions taken on all dashboards that have “Campaign” in their name.

Start date

Enter the start date of the date range. The date range includes the start date.

End date

Enter the end date of the date range. The date range includes the end date.

Scheduling audit reports#

You can schedule login activity audits, dashboard access audits and data download audits. This allows you to regularly send corresponding audit reports to yourself and other users.

To schedule these audit reports, follow these steps:

  1. At the top of the selected audit page, click the Schedules tab.

  2. To schedule a monthly audit report, follow these steps:

    1. In the Schedule audit report monthly section of the page, in the Emails (comma separated) field, enter the email addresses of all users who will receive the audit report.

      To send the report to multiple users, separate the email addresses with commas.

    2. Click Update monthly scheduler.

  3. To schedule a daily audit report, follow these steps:

    1. In the Schedule audit report daily section of the page, in the Emails (comma separated) field, enter the email addresses of all users who will receive the audit report.

      To send the report to multiple users, separate the email addresses with commas.

    2. Click Update daily scheduler.

As a result, the audits will be run monthly and/or daily, depending on the option you chose. A copy of the audit report will be sent to all users whose email addresses you entered.

Contents