Audit Log
Using the Audit Log
The Audit Log tracks all user activities within the Eleveo applications (Quality Management, as well as User Management) for enhanced security and compliance purposes. By default, viewing and using the Audit Log is only available to users with the CC Manager or Compliance Analyst roles.
From the left menu, select Administration > Audit Log. The Audit Log screen will display recent events.
Click the Reset Filters icon beside a filtering option in order to clear each of the filters individually or click on the Remove Filters icon to clear all filters.
Or click on the Remove Filters icon to clear all filters and revert to the default setting.
You may filter results by Time Period, Activity, User or Result. Click Apply to apply the selected filters. By default, events from the past 10 days are displayed.
The search will refresh every time the filters are changed. You can also click on the refresh icon to force refresh the results.
Hover over the info icon to view details of the user who performed an audited action.
Hover over the info icon to view the full description of the audited action (useful for longer or more detailed descriptions).
The Audit Log messages are not localized, however, the name of some items (such as the name of tabs, or other items displayed in the Web UI) are displayed in the log in the language of the audited user.
Information Displayed
The Audit Log displays the following:
Date: The timestamp indicates the date and time when the auditable activity occurred. The time displayed in the log corresponds to the timezone of the current user. Not necessarily the server timezone.
Activity: Indicates the activity that triggered the creation of the log entry. Actions displayed in this list range from; when a user logs into the application, to the creation of an evaluation, to the deletion of a call. A more complete list of activities is provided in the section below.
User: Displays the full name of the user who triggered the auditable action.*
Username: Displays the username of the user who triggered the auditable action. (The username is the same as that used on the login screen.)*
Description: Provides a more fine-grained detail of the activity which was logged. Usually, the details include the id of the user who performed the action, but the actual details depend on the type of activity. The description field only displays what is provided by the backend in the json file, in some cases only a user ID is displayed. If it is necessary to determine which user matches a particular id, then it is necessary to access the database directly. For example, to determine a user related to a conversation search go to the Encourage database, and examine the Table of Users.
Result: Status message of the Requests and Responses (see below for a detailed explanation). Each completed action is listed in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).
*Events related to users/groups import from external sources (using user importers) do no contain the User and Username information.
QM Events
The QM activities that trigger the creation of the log entry can be divided into two groups: synchronous and asynchronous.
Asynchronous Events
All actions triggered from within the Conversation Explorer and Administrative screens in Quality Management (Compliance, Audit, Data Lifecycle, UI configuration, Tags) trigger the creation of multiple records in the Audit Log list. Each received request is listed in the log without a status message. Each completed action is listed in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).
For instance, pressing the Search button on Conversation Explorer leads to the creation of two log entries, one for each action:
request search (begins),
request search (ends).
In the example provided here, the bottom row indicates that a user performed a search of conversations (no result is displayed as this is only the start of the request). The upper row indicates the successful completion of the request. Success here is indicated by the "OK" status in the Result column.
Administrators can compare the timestamp of the request received and the request completion. Long delays between the two may be indicative of connectivity related issues.
Synchronous Events
Activities triggered on other screens with Quality Management lead to the creation of a single mention in the log with an indication of success (OK), failure (FAIL) or lack of permission (UNAUTHORIZED).
The Full List of Events
UM Events
Actions triggered from within User Management represent all access-related activities performed by users (for example: login, logout, requesting a token etc.).