The Auditing feature allows logging every file access, executed search queries, user log in/log out actions and actions about legal hold creation and deletion.
The Auditing feature has to be configured and enabled in order to function properly. (System -> Services -> Auditing)
- Enable auditing: the auditing functionality can be enabled or disabled anytime. If the auditing is disabled, then no new auditing entries will be added to the auditing log.
- Database connection: the database where the log entries will be saved. The database shouldn’t be changed. If the database is changed, then the previously created Auditing logs will not be accessible.
After the page is saved, the user is automatically redirected to the Auditing logs browse mode.
To modify the settings, the click on the Settings button on the Auditing logs browse view.
Auditing log browsing
The Auditing view is similar to the Monitoring. The user can filter the Auditing logs by user, date range or different event types. The grid that contains the Auditing logs can also be sorted by clicking on the column headers.
The columns contain the following information:
- Date: The exact date when the logged event happened
- Title: The title of the auditing event
- Description: A short description of the auditing event
- User: The user, who has done the action, which was logged into the Auditing. There are 2 special users – System and Anonymous. An Auditing event has the System user when a document is accessed by a job. The Anonymous user is used when the „Link security” option is disabled in the System settings and a document is downloaded from an external source (for example with an URL).
Auditing log details
By clicking on the arrow icon left of the Auditing entry, a detailed view will appear where the user can see more data about the action that caused the Auditing event.
If the item was viewed, there will be a Download link and an Open in contentWEB option. If the item was downloaded, there will be only the Download link.