Search Results for

    Show / Hide Table of Contents

    Component: Audit Log Export

    Introduction

    Audit Log Export component is a component that exports audit log data periodically. Which data can be exported and how it is represented in the output file can be configured flexibly. The version 1.0.0 only supports CSV output file but it is designed to be extendable.

    Features

    Settings

    Settings page is used to manage general settings of the components, such as connection and output file. The settings will be automatically created if it does not exist.

    Settings page

    Edit Settings

    To edit the settings, click on the Edit button.

    Settings edit button

    The dialog of Edit Settings will be opened. On the dialog, you can see two sections:

    Settings edit dialog

    General settings

    SFTP Connection: This setting is required. You must select one SFTP connection from the dropdown list on the dialog.

    When an SFTP connection is selected, the information of the corresponding Host, Port, and Root path will be shown.

    Note: Read SFTP hub to learn how to set up SFTP connection

    File settings Below are settings for the output file. These settings, when are set, will override the settings of the plugin which handles the output file.

    • File type [required]: You can choose the type of the output file via this setting. CSV is the only option in the current version of the component.
    • Culture [optional]: It is the culture information of the output file which affects formats of some values in the file. The default value is the current culture of the web server.
    • Date time format [optional]: Values which are date time will follow this format setting. If the setting is unset, the short date format of the set or current culture will be used.
    • Encoding [optional]: This setting specifies how the content of the file is encoded. The default value is UTF-8.
    • Byte order mark (BOM): The checkbox indicates whether the BOM should be inserted to the file or not. It also depends on the encoding setting. If the used encoding does not support BOM then this setting is ignored. By default, the BOM is disabled.
    • Escape character [optional]: If it is defined, the defined character will be escaped in the content of the file.
    • Enclosing character [optional] [For CSV only]: If any value in the file needs to be enclosed, the component will use this defined character to enclose the value.
    • Enclose all [For CSV only]: With this setting enabled, the component will enclose all values in the content of the file.
    • Delimiter [optional] [For CSV only]: The string that separates fields' values in the content of the output file. If it is not defined, the component will use the delimiter from the the set or current culture.

    Audit Log Collection Manager

    Audit Log Export component provides flexible configurations for what and how audit logs are exported.

    On this page, you can view, add, edit or delete audit log collection configurations. In addition, this page also provides import and export features that help to move the configurations around different environments. These two features can also be used to do the restore and backup tasks.

    Audit log collection manager

    This page has a basic layout which consists of a list and some actions to manipulate items on the list.

    Audit Log Collection List

    The list includes 9 columns:

    • Collection name:: The name of the collection
    • Description: Some details or notes about the collection
    • Partition field: The field which is used to split the data into partitions for each run
    • Maximum records per file: The number of maximum records can be included in one file
    • Worker sites: The worker sites' names that are used to filter audit logs
    • Created at: The date time that the collection is created
    • Modified at: The latest date time that the collection is modified
    • Modified by: The name of the user that modified the collection
    • Active: Indicates if the collection is included in a run

    Audit log collection list

    Add or Edit Audit Log Collection

    To add a new audit log collection, click on the Add button. To edit an existing audit log collection, click on the Edit button.

    Add or edit audit log collection

    On the popup dialog, you can input the configuration for the audit log collection:

    Audit log collection add/edit dialog

    • Collection name [required]: You must input a representative name of the collection.
    • File name pattern [required]: The pattern of the file name. The name of the output file will follow this pattern. Because of that, the pattern cannot contain any of the following characters: \ / : * ? " < > |. However, the component supports some dynamic fields for the pattern:
      • Use [[collection_name]] for the collection's name
      • Use [[timestamp@]] for the current timestamp in a specific format. For example, [[timestamp@yyyy.MM.dd HHmm]]
      • Use [[file_index]] for the index of the file. Don't use it if you want the system handles it automatically
    • Description [optional]: You can write anything you want in this field to describe the collection.
    • Partition field [optional]: Select a field that separate the audit logs in each run.
    • Maximum records per file [optional]: Enter a maximum number of records in an output file.
    • Audit log types [required]: Currently, there are two types of audit logs, one is Authorization and the other is Data Object. You can select one or both of them. The component will only export the audit logs which have the type that you select.
    • Worker sites: Audit logs can come from different worker sites. If you wish to get the audit logs on some specific worker sites, you can select as many as you want here. If you want all audit logs regardless of worker sites, you can just leave it empty.
    • Active: Mark it if you want the component to export audit logs for this collection. Otherwise, the component will ignore the collection.

    Beside above configurations, you can also tell the component what data fields to be exported. The next section on the dialog is the list of the data fields.

    Data fields

    Here are attributes that can be configured for a data field:

    • Data source [required]: Select a data source from the dropdown list. For data fields that belong to the audit log, select AuditLog.
    • Name [required]: When the data source is changed, the selectable list of fields' names is changed correspondingly.
    • Alias [optional]: If it is defined, the component will use it as the header in the output file. If it is empty, the component will use the original field's name instead.
    • Transform rule [optional]: If you want to transform the raw data, select a proper rule. The data will be transformed before the file is generated.

    After filling in the information, click on Save and close button to complete adding or editing the collection configuration.

    Delete an Audit Log Collection

    Select an audit log collection and click on the Delete button to delete an Audit log collection configuration.

    Delete audit log collection

    After clicking on the button, a confirmation dialog will be displayed. If you click on the Yes button, the configuration will be deleted immediately. If you select the No button, the deletion will be cancelled.

    Delete audit log collection confirmation

    Export Audit Log Collection Configurations

    To export one or several audit log collection configurations, select them, then click on the Export button. The download will be started shortly. If there is no selection, the component will export all configurations.

    Export audit log collection configurations

    Import Audit Log Collection Configurations

    Before getting started, please noted that all the data collection configs that exist in the destination environment will be overridden (Identified by collection name). To import audit log collection configurations, click on the Import button to open the import dialog.

    Audit log collection configurations import dialog

    Then, click on the placeholder of the File upload field to open file selection dialog.

    Next, select a JSON file to import. After selecting the file, click on the Import button to start the import process. Click on Cancel button if you want to call off.

    Audit log collection configurations import buttons

    Scheduled Job

    The export process is started automatically from a scheduled job. This scheduled job is configured to run daily at a specific time which varies for different applications.

    When the time is up, the export starts. It will only process for active audit-log collections, one by one. If the collection is defined with the Partition field, the component will only get the audit logs, of which the partition field's value is between the latest successful run to the current time. Otherwise, the time is not taken in to the account.

    After the audit logs are retrieved and all of the output files are generated successfully, the component will upload those prepared files to the SFTP server which is configured in the General settings. If there is any file which cannot be generated, the process will be cancelled.

    All files are listed on the Audit log files page.

    Audit Log File List

    On the Audit log files page, you can see a list of audit log files which are involved in previous runs. Besides, you can also download generated files.

    Here is the image of the page:

    Audit log file list

    As you can see in the screenshot, there are 5 columns on the file list, each shows different information:

    • File name: Obviously is the name of the file

    • Collection name: The name of the collection that the file belongs to

    • Status: The status of the file. Each file can have one out of seven different statuses:

      • New: The component is ready to create the file
      • Preparing: The content of the file is being prepared. The component is creating the file
      • Failed to prepare: The component fails to prepare the file. The file is not created
      • Prepared: The preparation of the file is complete. The file is saved to the application's storage
      • Uploading: The file is being uploaded to the remote host
      • Failed to upload: Something goes wrong while the file is being uploaded to the remote host
      • Uploaded: The file is successfully uploaded
    • Created at: The timestamp that the file is prepared and saved to the storage at

    • Error message: Error that happens in the process

    To download a file, select it on the list and click on the Download button. The file is available to be downloaded only if its status is Prepared, Uploading, Failed to upload or Uploaded.

    Download audit log file

    Installation

    Requirements

    • Casewhere 2.6.0 or later.

    Configuration

    1. Import products: Casewhere SFTP Hub, Product-Cw CSV and Casewhere Audit Log Export
    2. Link the administration page to your worker sites and configure access control
    3. Configure the SFTP hub folder and SFTP connection
    4. Configure the Audit Log Export settings

    Dependencies

    • Component: SFTP hub
    • Plugin: CSV

    Releases

    1.0.0 - 06/06/2022

    Changelog

    • Audit log export settings
    • Collection configuration
    • Output file list page

    Download (login required): Audit Log Export v1.0.0

    Roadmap

    • More format
    • Support different data storage: Sharepoint, Azure storage rather than SFTP
    In This Article
    Back to top Generated by DocFX