Audit Log

Using the Audit Log

The Audit Log tracks all user activities within the Eleveo applications (Quality Management, as well as User Management) for enhanced security and compliance purposes. By default, viewing and using the Audit Log is only available to users with the CC Manager or Compliance Analyst roles.

From the left menu, select Administration > Audit Log. The Audit Log screen will display recent events.
Click the Reset Filters icon beside a filtering option in order to clear each of the filters individually or click on the Remove Filters icon to clear all filters.
Or click on the Remove Filters icon to clear all filters and revert to the default setting.
You may filter results by Time Period, Activity, User or Result. Click Apply to have selected filters being effective. By default, events from the past 10 days are displayed.
The search will refresh every time the filters are changed. You can also click on the refresh icon to force refresh the results.
Hover over the info icon to view details of the user who performed an audited action.

The Audit Log messages are not localized, however, the name of some items (such as the name of tabs, or other items displayed in the Web UI) are displayed in the log in the language of the audited user.

Information Displayed

The Audit Log displays the following:

Date: The timestamp indicates the date and time when the auditable activity occurred. The time displayed in the log corresponds to the timezone of the current user. Not necessarily the server timezone.
Activity: Indicates the activity that triggered the creation of the log entry. Actions displayed in this list range from; when a user logs into the application, to the creation of an evaluation, to the deletion of a call. A more complete list of activities is provided in the section below.
User: Displays the full name of the user who triggered the auditable action.*
Username: Displays the username of the user who triggered the auditable action. (The username is the same as that used on the login screen.)*
Description: Provides a more fine-grained detail of the activity which was logged. Usually, the details include the id of the user who performed the action, but the actual details depend on the type of activity. The description field only displays what is provided by the backend in the json file, in some cases only a user ID is displayed. If it is necessary to determine which user matches a particular id, then it is necessary to access the database directly. For example, to determine a user related to a conversation search go to the Encourage database, and examine the Table of Users.
Result: Status message of the Requests and Responses (see below for a detailed explanation). Each completed action is listed in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).

*Events related to users/groups import from external sources (using user importers) do no contain the User and Username information.

QM Events

The QM activities that trigger the creation of the log entry can be divided into two groups: synchronous and asynchronous.

Asynchronous Events

All actions triggered from within the Conversation Explorer and Administrative screens in Quality Management (Compliance, Audit, Data Lifecycle, UI configuration, Tags) trigger the creation of multiple records in the Audit Log list. Each received request is listed in the log without a status message. Each completed action is listed in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).

For instance, pressing the Search button on Conversation Explorer leads to the creation of two log entries, one for each action:

request search (begins),
request search (ends).

In the example provided here, the bottom row indicates that a user performed a search of conversations (no result is displayed as this is only the start of the request). The upper row indicates the successful completion of the request. Success here is indicated by the "OK" status in the Result column.

Administrators can compare the timestamp of the request received and the request completion. Long delays between the two may be indicative of connectivity related issues.

Synchronous Events

Activities triggered on other screens with Quality Management lead to the creation of a single mention in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).

The Full List of Events

Click here to expand...

The table below contains all activities that trigger the creation of the log entry, as well as an indication if they are synchronous or asynchronous.

Module	Activity	Description	Asynchronous	Synchronous
Conversation Explorer	CONVERSATION_EVENT_ANONYMIZE_ADD	Anonymization of the conversation	x
	CONVERSATION_BY_ID	Interaction lookup by ID	x
	CONVERSATION_EVENT_CHAT_CHANGE	Chat updated	x
	CONVERSATION_CLIENT_SEARCH	Interaction(s) searched for	x
	CONVERSATION_EVENT_EMAIL_CHANGE	Email updated	x
	EXPORT_EXECUTE	Interaction metadata exported	x
	CONVERSATION_EVENT_METADATA_CHANGE	Metadata updated	x
	CONVERSATION_EVENT_REVIEW_ADD	Review added	x
	CONVERSATION_EVENT_REVIEW_CHANGE	Review changed	x
	CONVERSATION_SEARCH	Interaction(s) searched for	x
	CONVERSATION_EVENT_SURVEY_ADD	Survey added	x
	CONVERSATION_EVENT_SURVEY_CHANGE	Survey changed	x
	CONVERSATION_EVENT_TAG_ADD	Interaction tag added	x
	CONVERSATION_EVENT_TAG_REMOVE	Interaction tag removed	x
	CONVERSATION_EVENT_TAG_UPDATE	Interaction tag updated	x
Automated Quality Management	AUTOMATED_RULE_CREATED	Rule created	x
	AUTOMATED_RULE_MODIFIED	Rule updated	x
	AUTOMATED_RULE_DELETED	Draft rule deleted	x
Administration	AUDIT_SEARCH	Audit page search used	x
	FIELD_CONFIG_LIST	Configuration field list showed	x
	FIELD_CONFIG_UPDATE	Configuration field updated	x
	LABEL_CREATE	User label created	x
	LABEL_DELETE	User label deleted	x
	LABEL_UPDATE	User label updated	x
	METADATA_KEY_UPDATE	Metadata key for search updated	x
	PASSWORD_CREATE	Password created	x
	SEARCH_TEMPLATE_UPDATE	Search template updated	x
	SAVED_FILTER_SEARCH	Saved Filters searched by name, or displayed	x
	SAVED_FILTER_ASSIGNMENT_MODIFIED	Assignment of users to a saved filter modified	x
	USER_LIST	User list displayed	x
	EDIT_AUDIT_REASON	Replace reason changed	x
	MERGE_AUDIT_REASON	Replace reason merged	x
	FIELD_CONFIG_LIST	Configuration field list showed	x
	FIELD_CONFIG_UPDATE	Configuration field updated	x
	METADATA_KEY_UPDATE	Metadata key for search updated	x
Reviews	CREATE_EVALUATION	Review created		x
	START_EVALUATION	Review started		x
	COMPLETE_EVALUATION	Review completed		x
	DELETE_EVALUATION	Review deleted		x
	DELETE_FINISHED_EVALUATION	Finished review deleted		x
	EVALUATION_REPORT	Review report viewed		x
	EVALUATIONS_SEARCH	Searched for review		x
	REALLOCATE_EVALUATIONS	Reviews reallocated		x
	REPLACE_CALL	Call replaced in review		x
	REOPEN_EVALUATION	Review reopened		x
	ADD_INTERACTION_TYPE	Interaction type added to review		x
	ADD_PARTICULAR_CALL	Particular call added to review		x
	EDIT_EVALUATORS_GROUP	Evaluators group edited		x
	EDIT_GROUP	Group edited		x
	EDIT_INTERACTION_TYPE	Interaction type edited		x
	EDIT_OPTIONS	Options edited		x
	REVEAL_TO_AGENT_CHANGED	Reveal to agent state changed		x
	SAVE_EVALUATION	Evaluation saved		x
Questionnaires	ADD_QUESTIONAIRE	Questionnaire added		x
	REMOVE_QUESTIONAIRE	Questionnaire removed		x
	EDIT_QUESTIONAIRE	Questionnaire edited		x
	EDIT_QUESTIONAIRE_CALL_SELECTION_RULES	Questionnaire call selection rules edited		x
	EDIT_QUESTIONAIRE_PROPERTIES	Questionnaire details edited		x
	EDIT_QUESTIONAIRE_PERMISSIONS	Questionnaire permissions edited		x
	ADD_SCORING_TIER	Scoring Tier created		x
	UPDATE_SCORING_TIER	Scoring Tier updated		x
	REMOVE_SCORING_TIERS	Scoring Tiers removed		x
Surveys	SURVEYS_SEARCH	Survey(s) searched for		x
Training	TRAININGS_SEARCH	Trainings searched for		x
Speech Recognition	ADD_SPEECH_TAG	Speech tag added		x
	EDIT_SPEECH_TAG	Speech tag edited		x
	REMOVE_SPEECH_TAG	Speech tag deleted		x
Data Export	DATA_EXPORT_CREATE	Data Export Created		x
	DATA_EXPORT_DELETE	Data Export Deleted		x
	DATA_EXPORT_CHANGED	Data Export Updated		x
	DATA_EXPORT_DOWNLOAD	Output file downloaded		x
	DATA_EXPORT_EMAILED	Output file emailed		x
	DATA_EXPORT_RUN_MANUAL	Task Execution Manual		x
	DATA_EXPORT_RUN_SCHEDULED	Data Export scheduled execution		x
Misc	TAB_CLOSED	Tab is closed		x
	TAB_OPENED	Tab is opened		x
	TAB_FOCUSED	Tab is focused		x
	ACCESS_MEDIA	Media accessed		x
	ADD_GROUP	Group added		x
	DELETE_CALL*	Call deleted		x
	REMOVE_INTERACTION_TYPE	Interaction type removed		x
	REMOVE_GROUP	Group removed		x
	SEND_FEEDBACK	Agent feedback sent		x
	SEND_RECORDING	Recording sent		x
	SYNCHRONIZE_NOW	Remote user synchronization forced		x
	INCLUDE_IN_REPORTS_CHANGED	Include in reports review status changed		x
	EDIT_AUDIT_REASON	Replace reason changed		x
	EDIT_USER	User edited		x
	MERGE_AUDIT_REASON	Replace reason merged		x
	USER_LOGIN	Interaction Tag name edited		x
	USER_LOGOUT	User logged out		x
	USER_PROFILE_CHANGE_DELEGATE	User profile delegation changed		x

*This event is triggered when a subevaluation is deleted (not when a call/conversation is deleted).

UM Events

Actions triggered from within User Management represent all access-related activities performed by users (for example: login, logout, requesting a token etc.).

Click here to expand...

The following list is representative of the Login Events in User Management:

Module	Activity	Description	Asynchronous	Synchronous
Custom Activities	ACTION_PUSHER_SYNC	Synchronization with pusher triggered		x
	CREATE_CUSTOM_ROLE	Custom role created		x
	CREATE_CUSTOM_ROLE_MAPPING	Role mapping to custom role created		x
	CREATE_LICENSE	License file imported to user management		x
	CREATE_PROVIDER_CLIENT	Provider client created		x
	CREATE_SUPERVISOR_MEMBERSHIP	Supervisor membership created		x
	DELETE_CUSTOM_ROLE	Custom role deleted		x
	DELETE_CUSTOM_ROLE_MAPPING	Role mapping to custom role deleted		x
	DELETE_EVENTS	Events deleted		x
	DELETE_IMPORTED_USERS	Imported users deleted		x
	DELETE_PROVIDER_CLIENT	Provider client deleted		x
	DELETE_SUPERVISOR_MEMBERSHIP	Supervisor membership deleted		x
	UPDATE_CUSTOM_ROLE	Custom role updated		x
	UPDATE_REALM_SETTINGS	Realm settings updated		x
	UPDATE_SUPERVISOR_MEMBERSHIP	Supervisor membership updated		x
	UPDATE_USER_EXTENSION	User extension updated		x
Build-in Activities	AUTHREQID_TO_TOKEN	Client initiated backchannel authentication (CIBA) token granted		x
	AUTHREQID_TO_TOKEN_ERROR	Error on granting CIBA token		x
	CLIENT_DELETE	Client deleted		x
	CLIENT_DELETE_ERROR	Error on client deletion		x
	CLIENT_INFO	Client info obtained during client registration		x
	CLIENT_INFO_ERROR	Error on getting client info		x
	CLIENT_INITIATED_ACCOUNT_LINKING	User account linked with external identity provider using specific client		x
	CLIENT_INITIATED_ACCOUNT_LINKING_ERROR	Error on client initiated account linking		x
	CLIENT_LOGIN	Client logged in		x
	CLIENT_LOGIN_ERROR	Error on client login		x
	CLIENT_REGISTER	Client registered		x
	CLIENT_REGISTER_ERROR	Error on client registration		x
	CLIENT_UPDATE	Client updated		x
	CLIENT_UPDATE_ERROR	Error on client update		x
	CODE_TO_TOKEN	Authorization code exchanged for a token		x
	CODE_TO_TOKEN_ERROR	Error on exchanging authorization code for a token		x
	CUSTOM_REQUIRED_ACTION	Custom required action triggered		x
	CUSTOM_REQUIRED_ACTION_ERROR	Error on custom required action		x
	DELETE_ACCOUNT	User deleted its account via manage acount console		x
	DELETE_ACCOUNT_ERROR	Error on account deletion		x
	EXECUTE_ACTIONS	Action executed		x
	EXECUTE_ACTIONS_ERROR	Error on executing action		x
	EXECUTE_ACTION_TOKEN	Token permitting specific action executed		x
	EXECUTE_ACTION_TOKEN_ERROR	Error on action token execution		x
	FEDERATED_IDENTITY_LINK	User account linked with federated identity provider		x
	FEDERATED_IDENTITY_LINK_ERROR	Error on federated identity link		x
	GRANT_CONSENT	Consent granted		x
	GRANT_CONSENT_ERROR	Error on consent grant		x
	IDENTITY_PROVIDER_FIRST_LOGIN	Login with identity provider triggered for the first time		x
	IDENTITY_PROVIDER_FIRST_LOGIN_ERROR	Error on identity provider first login		x
	IDENTITY_PROVIDER_LINK_ACCOUNT	Identity provider account linked		x
	IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR	Error on identity provider link account		x
	IDENTITY_PROVIDER_LOGIN	Identity provider used to log in		x
	IDENTITY_PROVIDER_LOGIN_ERROR	Error on identity provider login		x
	IDENTITY_PROVIDER_POST_LOGIN	Identity provider post login action triggered		x
	IDENTITY_PROVIDER_POST_LOGIN_ERROR	Error on identity provider post login		x
	IDENTITY_PROVIDER_RESPONSE	Identity provider responded		x
	IDENTITY_PROVIDER_RESPONSE_ERROR	Identity provider response error		x
	IDENTITY_PROVIDER_RETRIEVE_TOKEN	Identity provider token retrieved		x
	IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR	Error on identity provider retrieve token		x
	IMPERSONATE	Logged user is switched/impersonated to other user		x
	IMPERSONATE_ERROR	Error on user impersonation		x
	INTROSPECT_TOKEN	Token introspected		x
	INTROSPECT_TOKEN_ERROR	Error on introspect token		x
	INVALID_SIGNATURE	Invalid certificate signature		x
	INVALID_SIGNATURE_ERROR	Invalid signature error		x
	LOGIN	User logged in		x
	LOGIN_ERROR	Error on user login		x
	LOGOUT	User logged out		x
	LOGOUT_ERROR	Error on user logout		x
	OAUTH2_DEVICE_AUTH	Device authorization		x
	OAUTH2_DEVICE_AUTH_ERROR	Error on device authorization		x
	OAUTH2_DEVICE_CODE_TO_TOKEN	Device authorization code for token		x
	OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR	Error on exchanging device authorization code for token		x
	OAUTH2_DEVICE_VERIFY_USER_CODE	Device user code verified		x
	OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR	Error on user code verification		x
	PERMISSION_TOKEN	User management access (UMA) token grant type requested		x
	PERMISSION_TOKEN_ERROR	Error on UMA token grant request		x
	PUSHED_AUTHORIZATION_REQUEST	Authorization request pushed		x
	PUSHED_AUTHORIZATION_REQUEST_ERROR	Error on pushing authorization request		x
	REGISTER	User registered		x
	REGISTER_ERROR	Error on user register		x
	REGISTER_NODE	New client cluster node registered		x
	REGISTER_NODE_ERROR	Error on registering client cluster node		x
	REMOVE_FEDERATED_IDENTITY	Federated identity removed		x
	REMOVE_FEDERATED_IDENTITY_ERROR	Error on removing federated identity		x
	REMOVE_TOTP	Time-based one-time password removed		x
	REMOVE_TOTP_ERROR	Error on remove time-based one-time password		x
	RESET_PASSWORD	Password reset		x
	RESET_PASSWORD_ERROR	Error on password reset		x
	RESTART_AUTHENTICATION	Authentication restarted		x
	RESTART_AUTHENTICATION_ERROR	Error on authentication restart		x
	REVOKE_GRANT	Token grant revoked		x
	REVOKE_GRANT_ERROR	Error on token revoke grant		x
	SEND_IDENTITY_PROVIDER_LINK	Identity provider link sent		x
	SEND_IDENTITY_PROVIDER_LINK_ERROR	Error on sending identity provider link		x
	SEND_RESET_PASSWORD	Reset password sent		x
	SEND_RESET_PASSWORD_ERROR	Error on sending reset password		x
	SEND_VERIFY_EMAIL	Verify email sent		x
	SEND_VERIFY_EMAIL_ERROR	Error on sending verify email		x
	TOKEN_EXCHANGE	Token exchanged		x
	TOKEN_EXCHANGE_ERROR	Error on token exchange		x
	UNREGISTER_NODE	Client cluster node unregistered		x
	UNREGISTER_NODE_ERROR	Error on client cluster node unregistration		x
	UPDATE_CONSENT	User consent updated		x
	UPDATE_CONSENT_ERROR	Error on user consent update		x
	UPDATE_EMAIL	Email updated		x
	UPDATE_EMAIL_ERROR	Error on update email		x
	UPDATE_PASSWORD	Password updated		x
	UPDATE_PASSWORD_ERROR	Error on update password		x
	UPDATE_PROFILE	Profile updated		x
	UPDATE_PROFILE_ERROR	Error on update profile		x
	UPDATE_TOTP	Time-based one-time password updated		x
	UPDATE_TOTP_ERROR	Error on update time-based one-time password		x
	VALIDATE_ACCESS_TOKEN	Access token validated		x
	VALIDATE_ACCESS_TOKEN_ERROR	Error on validating access token		x
	VERIFY_EMAIL	Email verified		x
	VERIFY_EMAIL_ERROR	Error on verify email		x
	VERIFY_PROFILE	Profile verified		x
	VERIFY_PROFILE_ERROR	Error on verifying profile		x