Audit Logs Overview

About Audit Logs

The Audit Log Management page provides a record of activities, including timestamp, user name, resource involved, action taken, and any additional details, based on the type of audit log selected.

The types of audit logs available are based on user permissions and usually require admin permission for the menu used.
Note: User Management is only available when you are logged in as a tenant administrator.
Analytics
Displays the history for all Analytic operations, orchestration operations, and asset filter operations. The log entry includes the date/time, name of the Alert or Analysis Template and the action taken, type of transaction (analytic, orchestration, or asset filter), previous values (if applicable) with the appropriate metadata, and any changed values with the appropriate metadata.
Analysis
Displays information regarding what was updated: date, time, name of template, type of template, and user name.
Asset Management
Displays information regarding what was updated: Enterprise, Site, Segment, Asset, Equipment Template, and any additional details.
User Management
Displays information related to the tenant administrator activities: Create, Update, and Delete for users and groups.
Alarm Management
Displays information including the name of the Alert or Analysis Template and the action taken. The following are possible actions:
  • Alert Created or Reopened
  • Mark as Processed
  • Alert Template updated
  • Disposition updated
  • Claim/Release an alert
  • Case Linked
  • Add/Delete a Note
  • Add/Delete an Attachment
Alarm Management also includes any additional information, such as whether it is a recurring alert or, when a case is linked to an alert, the Case Name.
Alert/Cases Templates
Displays information associated with the creation, modification, and deletion of alert templates and case templates for a selected date range. Actions include when an alert or a case template was created or its attributes were updated, and when a template was deleted. The name of the user who modified the alert or case template is also recorded in the log.
Note: You can view the log for alert or case templates only if you are a user with administrator privileges.
Cases
Displays information associated with the creation, modification, and deletion of cases, and the name of the user who made the changes. The following details are recorded:
  • Case Assigned
  • The user name of the user who initiated an action.
  • Template Applied
  • Case Created or Deleted
  • Case Acknowledged
  • Case Claimed
  • Claim Released for a Case
  • Updates to Severity, Case Name, Case Status, External Case ID, Category, Likelihood, Urgency, Symptoms, Diagnosis, Recommendation, Closure Code, Note, or Date, or Visibility
  • Note Added or Deleted
  • Attachment Added or Deleted
Units of Measure Conversions

Displays information associated with the creation and modification of units of measure conversions. The following details are recorded:

  • The date and time of an activity.
  • The user name of the user who initiated an action.
  • The type of the resource, such as a Unit Group or Units of Measure Conversion.
  • The action (for example, Create a Unit Group, Rename a Unit Group, Create a Units of Measure Conversion, and Modify a Units of Measure Conversion).
  • Information about the activity.
Smart Signal

Displays information associated with the creation, modification, and deletion of datasources, data ingestion and data deletion. The log also includes the name of the user who performed the action. The following are possible actions:

  • Datasource creation
  • Datasource Modification
  • Datasource Deletion
  • Data Ingestion Failures
  • Data Deletion
Timeseries

Displays information associated with significant business events user actions, such as creation, modification, and deletion of resources and analytics. The log includes, details about the user and the source application who performed these actions. Note that the service focuses only on business events and does not monitor server health or application status. The following are possible actions:

  • Analytic Modification
  • Asset Modification
  • Blueprint Modification

Access Audit Logs

Before You Begin

You must have the necessary permissions to access the Audit Log Management page.

Procedure

  1. In the Applications menu, navigate to ADMIN > Predix Administrator > Audit Logs.
  2. In the Choose Audit Log box, select one of the following options:
    • Asset Management
    • Analytics
    • Analysis
    • Cases
    • Alarm Management
    • Alerts/Cases Templates
    • Units of Measure Conversions
    • Smart Signal
    • Timeseries
    • User Management: This option is available only when you are logged in as a tenant administrator.
    The Audit Log Management page appears with first 250 records. The default time range is 7 Days. In addition, you can filter and sort the data by column.

Filter Audit Logs

You can search and apply filters to the records displayed in the Audit Log Management page.

Procedure

  1. Access Audit Logs.
  2. Select Search bar.
  3. Enter one the following combinations:
    • Single term search: For example: actor:"Dennis" will initiate the search for any audit event where the actor field contains the word Dennis.
    • Multiple term search: Multiple search terms can be joined using the AND and OR operators. For example: actor:"Dennis" AND target:"Security" will initiate the search for events where the actor field contains Dennis and the target contains Security.
    • Grouping term search: Search terms can be logically grouped using parentheses. For example: (actor:"Dennis" OR target:"Grant") AND target "Security" will initiate the search for events where the actor is Dennis or Grant and the target contains Security.
  4. Select Search.
    Updated results are displayed.
  5. Select .
    Displays the list of fields based on the selected Audit Log.
  6. Enter the value in the fields you want to search.
  7. Select 7 Days .
    The following options are displayed:
    • Quick selections: This allow you to select either 1, 7, or 30 days.
    • Relative: This allows you to select a custom date range.
    • Between: This allows you to select between two specific dates.
    • Before: This allows you to select a specified date.
    • After: This allows you to select a specified date.
  8. Select a date range as needed.
  9. Select Search.
    Results are updated based on the time range selected.
  10. Select Download.
    The search results of the audit logs are downloaded to a CSV file.
    Note: If a pop-up appears, click Allow to confirm the download.
  11. Select .
    Configure Table appears with the list of fields.
    Note: You can chose the fields that you want to see in the result pane by enable/disable the checkbox against the field. Additionally you can drag drop the fields to order the columns in the result pane.