Audit log - Data360_Analyze - Latest

Data360 Analyze Server Help
Product type
Software
Portfolio
Verify
Product family
Data360
Product
Data360 Analyze
Version
Latest
ft:locale
en-US
Product name
Data360 Analyze
ft:title
Data360 Analyze Server Help
Copyright
2025
First publish date
2016
ft:lastEdition
2025-02-20
ft:lastPublication
2025-02-20T11:13:02.494000

The audit log provides Administrators with a high level overview of actions that have taken place, when they occurred, and which user initiated the action. The log is output in JSON format which allows for post-processing and further analysis. For example, it can be read by the JSON Data node.

These actions are audited:

  • All login attempts, both successful and unsuccessful.
  • Run and save a data flow.
  • Node execution.
  • Create, update and delete schedules.
  • Execute a scheduled run.
  • Change schedule system settings.
  • LDAP/AD import.
  • Change of LDAP/AD system settings.
  • Create, update, and delete a user.
  • Create workspaces.
  • Upload, download or access a data file.
  • Create, update, move and delete a data connection and a data collection.
  • Create, update and delete a mount point.
  • Extract a zip file.
  • Add or remove a user role.
  • Change password.
  • Create, update, and delete group.
  • Create, update and delete folders.
  • Logout and UI session timeout.
  • Start and completion of backup.
Note: Sensitive data such as passwords are not included in the audit log. The actual features that are available on your system depend on your license.

The audit log is located at: <Data360Analyze site configuration directory>/logs/lae-audit.log

For example, C:/Users/<username>/Data360Analyze/site-7731/logs

Every day that the application is used, a new audit log file is created. Log files for previous days are saved in the same folder with the creation date as a suffix, for example lae-audit.log.2018-10-31.

The first section in this topic gives an overview of the elements that make up the audit log, see Understanding the audit log.

The second section gives details of how to map specific actions to log entries, see Identifying and tracing actions.

The final section gives an overview of the elements that make up the node audit log, see Understanding the node audit log. The node audit log file will be created under <siteDir>/logs/nodes/<Date>/<User>/<DataFlow>/<runId>/<AutogeneratedId>.log and is referenced in the lae-audit.lognodeProcessed audit log entry in the "auditLog" argument.

Understanding the audit log

In general, log entries are made up of these pieces of information:

Log entry information Description Example

timestamp

Indicates the time and date of the audited action. Each new timestamp indicates a new audit log entry. "timestamp":"2018-08-03T12:53:00.163+01:00"

auditCode

The name of the action.

 "auditCode":"executionSessionService.execute"
userID

The userID can be used to identify the user that initiated the action. Generally, this is the user who has signed in to the application, but in some cases it is the system user. For example, the system user takes the authentication action.

 "userId":"b9469ceb-65bd-472c-b8fa-d71a63be6929"
username

The username can be used to identify the user that initiated the action. Generally, this is the user who has signed in to the application, but in some cases it is the system user. For example, the system user takes the authentication action.

 "username":"user1234"
tenantName The name of the deployment — with the currently supported model, this will always be set to defaultTenant. "tenantName":"defaultTenant"
success

A true or false statement that indicates if the action completed successfully or not.

 "success":true
arguments The arguments passed in the API request.

"arguments": { "taskProperties": { "executionPlanLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:lavastorm~directory:shared~scheduled-task:23ffaaaf-3993-42b6-bfaa-24ec9729f303~execution-plan:fc0e522c-ca12-4890-847c-39376703f8ed" }, "scheduledTaskId":"23ffaaaf-3993-42b6-bfaa-24ec9729f303", "scheduledTaskName":"sc" },

response The API response to the action. Contains defined error fields.

"response": { "execution": { "stopAtNode":"object:!tenant:defaultTenant~directory:__Root__~directory:lavastorm~directory:shared~graph:7ea22fc9-6f1a-4dbd-b4d7-6b04b673642c~element:91f4d3d0-3b99-4f20-92ce-040d196ca995", "executionSession":"object:!tenant:defaultTenant~directory:__Root__~directory:lavastorm~directory:shared~execution-session:e83a5a5c-e7be-45a8-9882-9b6a1d3e9418", "id":"1c0b8513-9237-6659-8dcc-a076578b2adb" } }

Tip: See the API documentation for more information on the API arguments and responses.

Identifying and tracing actions

By understanding the information tags within an audit log, you can follow the trail of actions undertaken by a specific user, or trace the changes to a given data flow.

For example, a new data flow is created with the following ID: 6ca06e21-73d0-4816-b44d-238903d3768f

{"timestamp":"2018-11-05T10:20:29.411Z","auditCode":"executionSessionService.create","userId":"b9469ceb-65bd-472c-b8fa-d71a63be6929","username":"User1234","tenantName":"defaultTenant","success":true,"arguments":{"executionSession":{"id":"49486f20-96ca-4a70-8f32-f738b15e59fc","graphLocator":"object:!tenant:defaultTenant~workspace:908ee33e-5eee-1694-4284-63aea9310e8c~edit-session:c833d293-c2e8-4dea-b129-60630f38558a~graph:6ca06e21-73d0-4816-b44d-238903d3768f","lxsId":null,"runtimeProperties":{},"valid":false,"runBy":"User1234","runDate":null,"runState":null,"lastExecutionCandidates":[],"allExecutionCandidates":[],"executionLogId":null,"interfaces":["ExecutionSession"]},"workspaceLocator":"object:!tenant:defaultTenant~workspace:908ee33e-5eee-1694-4284-63aea9310e8c"},"response":"object:!tenant:defaultTenant~workspace:908ee33e-5eee-1694-4284-63aea9310e8c~execution-session:49486f20-96ca-4a70-8f32-f738b15e59fc"}

Later, a new schedule is created based on this data flow:

{"timestamp":"2018-11-05T14:09:14.478Z","auditCode":"simpleScheduledTaskService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"containerLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462","simpleScheduledTaskDto":{"id":"6e140249-5b0d-4428-9913-c19672336633","name":"schedule test","description":null,"enabled":true,"triggerProperties":{"cronExpression":"0 09 14 1 1/1 ? *","startDateTime":"2018-11-05T14:09:06Z","interval":"monthly","monthlyScheduleOption":"day-of-week"},"runAs":null,"dataflowId":"6ca06e21-73d0-4816-b44d-238903d3768f","runProperties":{},"searchPath":["object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462"]}},"response":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462~scheduled-task:6e140249-5b0d-4428-9913-c19672336633"}

Examples

Some examples of common audit log entries are listed in the tables below, along with a description of how the log entry relates to a user action in Data360 Analyze:

Login

Log entry Description

"auditCode":"authenticationSuccess"

Indicates that a user has successfully signed in to Data360 Analyze.

When a user signs in to the application, you will also see the following log entry:

securityConfigurationService.getSecurityConfig

{"timestamp":"2018-11-05T09:57:38.705Z","auditCode":"authenticationSuccess","userId":"_system_","username":"system","tenantName":"defaultTenant","success":true,"arguments":{"remoteHost":null,"username":"User1234"},"response":"User1234"}

Create or update user or group

In these examples, all actions except groupService.create and groupService.updateGroup are logged as a result of a single create user request. You can identify a user by their ID, for example, 21fad3f0-f8a2-4d66-846e-240dca92b16f, which you can trace through the various actions.

Log entry User action and example

"auditCode":"userService.<action>"

"auditCode":"userService.create" indicates that a role has been created for the user or group's permissions.

{"timestamp":"2018-11-05T11:28:18.664Z","auditCode":"userService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"containerLocator":"object:!tenant:defaultTenant","user":{"tenant":"defaultTenant","name":"NewUser","id":"21fad3f0-f8a2-4d66-846e-240dca92b16f","imported":false,"principalimportDetails":null,"state":"ACTIVE","active":true}},"response":"object:!tenant:defaultTenant~user:21fad3f0-f8a2-4d66-846e-240dca92b16f"}

"auditCode":"userService.update" indicates that the user's profile has been changed, e.g. the user's role has been changed.

{"timestamp":"2018-11-05T11:48:02.419Z","auditCode":"update","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"locator":"object:!tenant:defaultTenant~user:21fad3f0-f8a2-4d66-846e-240dca92b16f","user":{"tenant":"defaultTenant","name":"Example user","id":"21fad3f0-f8a2-4d66-846e-240dca92b16f","imported":false,"principalimportDetails":null,"state":"ACTIVE","active":true}}}

userService.deleteUser indicates that the user has been deleted. Note that users are never completely removed from the system, rather the user "state" is set to "DEACTIVATED".

{"timestamp":"2018-11-05T11:38:06.296Z","auditCode":"userService.deleteUser","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"userLocator":"object:!tenant:defaultTenant~user:21fad3f0-f8a2-4d66-846e-240dca92b16f","force":false,"obliterate":false},"response":true}

"auditCode":"roleService.<action>"

roleService.updateWithSecurity indicates that the user or group has been added to a specific role, or that the role has changed. The following example shows that a user was added to the "Administrator" role:

{"timestamp":"2018-11-05T11:28:19.218Z","auditCode":"updateWithSecurity","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"locator":"object:!tenant:defaultTenant~role:administrator","object":{"id":"administrator","name":"Administrator","description":"Administrator","members":["admin","21fad3f0-f8a2-4d66-846e-240dca92b16f","admins"],"type":"GENERAL"}}}

roleService.removeMemberFromAllRoles indicates that all user roles have been removed from a user. This entry is added to the audit log when a user is deleted from the system.

{"timestamp":"2018-11-05T11:38:06.249Z","auditCode":"roleService.removeMemberFromAllRoles","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"tenantLocator":"object:!tenant:defaultTenant","memberId":"21fad3f0-f8a2-4d66-846e-240dca92b16f"}}

"auditCode":"workspaceService.create"

workspaceService.create indicates that the user's workspaces have been created. For each user, two workspaces are created, one for the My Documents folder and one temporary workspace.

{"timestamp":"2018-11-05T21:47:14.254Z","auditCode":"workspaceService.createWorkspace","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"containerLocator":"object:!tenant:defaultTenant","name":"user temp","description":"user's Temporary Workspace","directoryLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:a1cee974-1864-ac55-2d80-aefd8c5f7a12"},"response":"object:!tenant:defaultTenant~workspace:37be5c8b-08d7-6401-5a7d-3bd019c7c419"}

"auditCode":"userCredentialService.<action>"

userCredentialService.createOrUpdate indicates that the user's password has been stored.

{"timestamp":"2018-11-05T21:47:14.359Z","auditCode":"userCredentialService.createOrUpdate","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"password":"[NOT OUTPUT]","userLocator":"object:!tenant:defaultTenant~user:19e5d5c7-a7ab-4bc0-b571-c90c57b53a8e"}}

userCredentialService.updateCurrentUserPassword indicates that the user's password has been updated and stored.

{"timestamp":"2018-11-05T13:37:24.613Z","auditCode":"userCredentialService.updateCurrentUserPassword","userId":"21fad3f0-f8a2-4d66-846e-240dca92b16f","username":"User1234","tenantName":"defaultTenant","success":true,"arguments":{"userLocator":"object:!tenant:defaultTenant~user:21fad3f0-f8a2-4d66-846e-240dca92b16f","oldPassword":"[NOT OUTPUT]","newPassword":"[NOT OUTPUT]"}}

"auditCode":"groupService.<action>"

groupService.create indicates that the group's profile has been created.

groupService.updateGroup indicates that the group's profile has been changed, e.g. a member has been added or the group has been deleted. Note that groups are never completely removed from the system, rather the group "state" is set to "DEACTIVATED". The following example shows a log entry for the action of adding a member to a group:

{"timestamp":"2018-11-05T12:20:21.206Z","auditCode":"groupService.updateGroup","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"groupLocator":"object:!tenant:defaultTenant~group:734e6428-64f0-4c5a-9bed-10582c1ef71f","group":{"tenant":"defaultTenant","name":"Group yellow","id":"734e6428-64f0-4c5a-9bed-10582c1ef71f","imported":false,"members":["441dd465-66ba-4cad-910c-021a817b5383","d4a3a96b-03be-4063-863c-0789565e4141"],"principalimportDetails":null,"state":"ACTIVE","active":true},"validate":true}}

Create, update and delete a folder

Log entry User action and example

"auditCode":"directoryService.<action>"

directoryService.create indicates that a new folder has been created.

{"timestamp":"2018-11-05T22:04:22.163Z","auditCode":"directoryService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"containerLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:ee6adb52-ba73-5a61-cce7-f9e5523fb733","directory":{"id":"5355c000-0a2a-453c-9b3b-02a6837e7157","name":"createdDirectoryName","description":""}},"response":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:ee6adb52-ba73-5a61-cce7-f9e5523fb733~directory:5355c000-0a2a-453c-9b3b-02a6837e7157"}

directoryService.update indicates that a folder has been updated.

{"timestamp":"2018-11-05T22:04:32.764Z","auditCode":"directoryService.update","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"locator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:ee6adb52-ba73-5a61-cce7-f9e5523fb733~directory:5355c000-0a2a-453c-9b3b-02a6837e7157","directory":{"id":"5355c000-0a2a-453c-9b3b-02a6837e7157","name":"updatedDirectoryName","description":""}}}

directoryService.delete indicates that a folder has been deleted.

{"timestamp":"2018-11-05T22:26:09.784Z","auditCode":"directoryService.delete","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"locator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:ee6adb52-ba73-5a61-cce7-f9e5523fb733~directory:5355c000-0a2a-453c-9b3b-02a6837e7157~directory:5355c000-0a2a-453c-9b3b-02a6837e7157"}}

Create, save, run or delete a data flow

When a data flow is created, an edit session is opened to track data flow and node edits, and an execution session is opened to track the state of the data flow.

Log entry User action and example

"auditCode":"executionSessionService.<action>"

executionSessionService.create indicates that an execution session has been created. When a data flow is created, an execution session is opened to track the state of the data flow, for example node states and run property values.

executionSessionService.update indicates that a data flow has been saved or deleted or that a user has initiated a change in state of the data flow, for example clearing node state, adding or removing nodes or updating run property values.

{"timestamp":"2018-11-05T14:03:39.676Z","auditCode":"executionSessionService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"executionSession":{"id":"77ae5ef3-35c2-4202-b6ec-608b9a6d634f","graphLocator":"object:!tenant:defaultTenant~workspace:42cb5309-5e17-2489-9b08-9502bbec394c~edit-session:fad8ae33-5db9-4309-9206-b81cbcbcd79b~graph:067b1366-488e-4854-b938-0593bc365937","lxsId":null,"runtimeProperties":{},"valid":false,"runBy":"admin","runDate":null,"runState":null,"lastExecutionCandidates":[],"allExecutionCandidates":[],"executionLogId":null,"interfaces":["ExecutionSession"]},"workspaceLocator":"object:!tenant:defaultTenant~workspace:42cb5309-5e17-2489-9b08-9502bbec394c"},"response":"object:!tenant:defaultTenant~workspace:42cb5309-5e17-2489-9b08-9502bbec394c~execution-session:77ae5ef3-35c2-4202-b6ec-608b9a6d634f"}

executionSessionService.execute is logged when a user runs a data flow.

"auditCode":"editSessionService.<action>"

editSessionService.save is logged when a data flow is saved.

{"timestamp":"2018-11-05T14:07:18.306Z","auditCode":"editSessionService.save","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"saveOptions":{"object:!tenant:defaultTenant~workspace:42cb5309-5e17-2489-9b08-9502bbec394c~edit-session:125e63ec-b57e-430c-a392-500120f4467b~graph:067b1366-488e-4854-b938-0593bc365937":{"saveAsName":null,"destination":"object:!tenant:defaultTenant~workspace:88f20806-8bec-69d6-9c21-c20c1172b651","overwrite":true,"retainId":false,"includeTargetWorkspaceInSearchPath":true}},"editSessionLocator":"object:!tenant:defaultTenant~workspace:42cb5309-5e17-2489-9b08-9502bbec394c~edit-session:125e63ec-b57e-430c-a392-500120f4467b"}}

Node execution

Log entry User action and example

"auditCode":"nodeProcessing"

and

"auditCode":"nodeProcessed"

When a node is executed, two entries are added to the log:

nodeProcessing is logged when node execution is initiated, then when the run is complete, nodeProcessed is logged, indicating whether the run was successful or not.

The reference to the node that is being executed is logged in the following format: node=<Data flow name>.<node> e.g. node=Untitled Data Flow.Create Data

{"timestamp": "2020-06-05T06:30:00.193-07:00","auditCode":"nodeProcessing","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"node":"Spinner.Create Data","nodeLocator":"object:element:27c4ad3e-ae40-4457-babf-bc97f0716859~child:e325f4fe-447f-4f64-a25c-e7c66e383eee","runState": "IN_PROGRESS","graph": "Spinner"}}

{"timestamp": "2020-06-05T06:25:01.739-07:00","auditCode": "nodeProcessed","userId": "admin","username": "admin","tenantName": "defaultTenant","success": true,"arguments": {"node": "Spinner.Create Data","outputRecordCounts": "Sample Data:20","nodeLocator": "object:element:27c4ad3e-ae40-4457-babf-bc97f0716859~child:e325f4fe-447f-4f64-25c-e7c66e383eee","startTime": "2020-06-05T06:25:01.473-07:00","runState": "PASSED","elapsedTimeMS": 266,"graph": "Spinner"}}

Create, update or run a schedule

Log entry User action and example

"auditCode":" simpleScheduledTaskService.<action>"

and

"auditCode":"scheduledTaskService.<action>"

When a user creates a schedule, several entries are added to the audit log including scheduledTaskService.create and scheduledTaskService.update. The entry of particular interest is the simpleScheduledTaskService.create method as this entry contains the data flow ID.

{"timestamp":"2018-11-05T14:09:14.478Z","auditCode":"simpleScheduledTaskService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"containerLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462","simpleScheduledTaskDto":{"id":"6e140249-5b0d-4428-9913-c19672336633","name":"schedule test","description":null,"enabled":true,"triggerProperties":{"cronExpression":"0 09 14 1 1/1 ? *","startDateTime":"2018-11-05T14:09:06Z","interval":"monthly","monthlyScheduleOption":"day-of-week"},"runAs":null,"dataflowId":"067b1366-488e-4854-b938-0593bc365937","runProperties":{},"searchPath":["object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462"]}},"response":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462~scheduled-task:6e140249-5b0d-4428-9913-c19672336633"}

When a schedule is updated, two entries are added to the audit log: scheduledTaskService.update and simpleScheduledTaskService.update.

The simpleScheduledTaskService.update method is the most useful as this contains the data flow ID.

{"timestamp":"2018-11-05T14:38:48.707Z","auditCode":"simpleScheduledTaskService.update","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"scheduledTaskResourceLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462~scheduled-task:d4dfbeca-b5b6-42af-b961-a646ae39b002","simpleScheduledTaskDto":{"id":"d4dfbeca-b5b6-42af-b961-a646ae39b002","name":"red schedule","description":"edit","enabled":true,"triggerProperties":{"cronExpression":"0 36 14 1 1/1 ? *","startDateTime":"2018-11-05T14:38:44Z","interval":"monthly","monthlyScheduleOption":"day-of-week"},"runAs":null,"dataflowId":"7cb915b2-696c-4247-8aab-6cba41f3af45","runProperties":{},"searchPath":["object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462"]}}}

The simpleScheduledTaskService.runNow method indicates that a user has triggered a schedule to run immediately. Note that as a result of this action, you will also see the following run data flow audit log entries: executionSessionService.create, executionSessionService.update and executionSessionService.execute.

{"timestamp":"2018-11-05T14:45:15.865Z","auditCode":"simpleScheduledTaskService.runNow","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"scheduledTaskLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462~scheduled-task:d4dfbeca-b5b6-42af-b961-a646ae39b002","simpleScheduledTaskRunNowDto":{"executionPlanStateLocator":null,"overriddenRunProperties":{},"concurrentExecutionStrategy":"SKIP"}}}

When a user deletes a schedule, the following audit entries are logged:

scheduledTaskService.delete

simpleScheduledTaskService.delete

executionSessionService.delete

executionSessionService.update

"auditCode":"executionPlanExecute"

executionPlanExecute is logged when an automated schedule runs. Additional log entries are also created for this action, similar to those that are created when a user triggers a schedule to run immediately.

Tip: Unlike when a user triggers a data flow to run immediately, when the system runs a schedule, scheduledTaskId and scheduledTaskName attributes are logged in place of userid and username.

{"timestamp":"2018-11-05T14:49:00.536Z","auditCode":"executionPlanExecute","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"taskProperties":{"executionPlanLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:c5eb280e-773f-d5bc-679a-455d6d702462~scheduled-task:4930fcfe-2e64-49db-a5c2-bb67bdf7bcf3~execution-plan:3730329e-f1b4-4948-a36d-eabf4bd2ea0b"},"scheduledTaskId":"4930fcfe-2e64-49db-a5c2-bb67bdf7bcf3","scheduledTaskName":"new schedule"},"response":""}

"auditCode":"dataflowProcessing"

dataflowProcessing is logged when a scheduled data flow begins to execute.

{"timestamp": "2020-06-05T06:20:00.254-07:00","auditCode": "dataflowProcessing","userId": "admin","username": "admin","tenantName": "defaultTenant","success": true,"arguments": {"graphLocator": "object:!tenant:defaultTenant~workspace:8e6bbf00-578e-446c-be67-6d247c8118d6~graph:3d767b3f-f4cd-4d5d-bbb4-8dcd755952f9~element:27c4ad3e-ae40-4457-babf-bc97f0716859","graph": "Spinner"}}

"auditCode":"dataflowProcessed"

dataflowProcessed is logged when the scheduled execution of a data flow is complete.

{"timestamp": "2020-06-05T06:20:02.358-07:00","auditCode": "dataflowProcessed","userId": "admin","username": "admin","tenantName": "defaultTenant","success": true,"arguments": {"duration": "00:00:01:210","graphLocator": "object:!tenant:defaultTenant~workspace:8e6bbf00-578e-446c-be67-6d247c8118d6~graph:3d767b3f-f4cd-4d5d-bbb4-8dcd755952f9~element:27c4ad3e-ae40-4457-babf-bc97f0716859","graph": "Spinner","status": "SUCCEEDED"}}

Run clean up settings

Log entry User action and example

"auditCode":"scheduledTaskService.create"

and

"auditCode":"scheduledTaskConfigurationService.create"

The following entries are logged when a new schedule setting is set, for example if a user chooses to delete temporary data after a successful run or specifies a number of recent scheduled runs to keep:

scheduledTaskConfigurationService.create and scheduledTaskService.create.

{"timestamp":"2018-11-05T13:53:34.314Z","auditCode":"scheduledTaskConfigurationService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"configuration":{"id":"adb57e53-3e1c-4476-928b-320cc6c3bace","name":"scheduler configuration","type":"scheduler-task-configuration","properties":{"clearTemporaryFilesSuccessfulRuns":{"name":"clearTemporaryFilesSuccessfulRuns","value":"false","type":null,"encrypted":null,"encrypted":null},"disabledExecutionPlanStatesToKeep":{"name":"disabledExecutionPlanStatesToKeep","value":"2","type":null,"encrypted":null,"encrypted":null}}},"containerLocator":"object:!tenant:defaultTenant"},"response":"object:!tenant:defaultTenant~configuration:adb57e53-3e1c-4476-928b-320cc6c3bace"}

When a schedule setting is changed, for example if a user modifies the period of time for which they want to keep scheduled runs, the following entries are logged:

scheduledTaskConfigurationService.update

scheduledTaskService.update

LDAP/AD integration

Log entry User action and example
"auditCode":"authenticationConfigurationService.<action>"

authenticationConfigurationService.create indicates that LDAP/AD authentication configuration has been initiated.

As a result of a user configuring LDAP/AD authentication settings, you will also see authenticationConfigurationService.validate and authenticationConfigurationService.update log entries where the submitted authentication configuration is validated and updated.

{"timestamp":"2018-11-05T08:26:47.281-05:00","auditCode":"authenticationConfigurationService.create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"configuration":{"id":"c8d7eb00-c9ba-4539-84fa-0c2e2bc324df","name":"default-ldap-authentication","type":"authentication-provider-configuration","properties":{"netBiosDomain":{"encrypted":null,"encrypted":null,"name":"netBiosDomain","value":null,"type":null},"referral":{"encrypted":null,"encrypted":null,"name":"referral","value":"follow","type":null},"userSearchFilter":{"encrypted":null,"encrypted":null,"name":"userSearchFilter","value":null,"type":null},"name":{"encrypted":null,"encrypted":null,"name":"name","value":"default-ad-provider","type":null},"type":{"encrypted":null,"encrypted":null,"name":"type","value":"ad-ldap","type":null},"url":{"encrypted":null,"encrypted":null,"name":"url","value":"ldap://aws-dc1.lavastorm.local.com:389/dc=lavastorm,dc=local,dc=com","type":null},"bindPrincipalAttribute":{"encrypted":null,"encrypted":null,"name":"bindPrincipalAttribute","value":"sAMAccountName","type":null}}}},"response":{"referral":"follow","testMode":false,"securityLevel":"simple"}}

"auditCode":"userimportService.<action>"

userimportService.importUsers indicates that LDAP/AD users have been imported. There would also be corresponding entries for each user and group created or updated as a result of the import.

{"timestamp":"2018-11-05T08:14:20.27-05:00","auditCode":"userimportService.importUsers","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"configurationLocator":"object:!tenant:defaultTenant~configuration:ui-ldap-import-config-item"},"response":{"totalUsers":2,"usersCreated":2,"usersRemoved":0,"usersNotUpdated":0,"usersUpdated":0,"invalidUsers":0,"totalGroups":2,"groupsCreated":2,"groupsRemoved":0,"groupsNotUpdated":0,"groupsUpdated":0,"invalidGroups":0}}

"auditCode":"userimportConfigurationService.<action>"

userimportConfigurationService.create indicates that LDAP/AD user import settings have been configured.

userimportConfigurationService.update indicates that the LDAP/AD import settings have been modified.

Note that has a result of configuring or editing LDAP/AD user import settings, you will also see a "auditCode":"securityConfigurationService.setSecurityConfig" log entry.

{"timestamp":"2018-11-05T09:01:32.453-05:00","auditCode":"create","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"configuration":{"id":"ui-ldap-import-config-item","name":"ldap import config","type":"user-import-configuration","properties":{"groupRetrievalStrategy":{"encrypted":null,"encrypted":null,"name":"groupRetrievalStrategy","value":"DO_NOT_RETRIEVE_GROUPS","type":null},"importUsersAsLowercase":{"encrypted":null,"encrypted":null,"name":"importUsersAsLowercase","value":"true","type":null},"userNameAttribute":{"encrypted":null,"encrypted":null,"name":"userNameAttribute","value":"userPrincipalName","type":null},"searchTimeLimit":{"encrypted":null,"encrypted":null,"name":"searchTimeLimit","value":"0","type":null},"url":{"encrypted":null,"encrypted":null,"name":"url","value":"ldap://aws-dc1.lavastorm.local.com:389/dc=lavastorm,dc=local,dc=com","type":null},"searchSubTree":{"encrypted":null,"encrypted":null,"name":"searchSubTree","value":"true","type":null},"password":{"encrypted":"LAVASTORM_SECURE_STORE","encrypted":true,"name":"password","value":"[NOT OUTPUT]","type":"Password"},"referral":{"encrypted":null,"encrypted":null,"name":"referral","value":"follow","type":null},"searchCountLimit":{"encrypted":null,"encrypted":null,"name":"searchCountLimit","value":"0","type":null},"pagingLimit":{"encrypted":null,"encrypted":null,"name":"pagingLimit","value":"0","type":null},"defaultRoles":{"encrypted":null,"encrypted":null,"name":"defaultRoles","value":"explorer","type":null},"ignorePartialResultError":{"encrypted":null,"encrypted":null,"name":"ignorePartialResultError","value":"false","type":null},"userFilter":{"encrypted":null,"encrypted":null,"name":"userFilter","value":"(&(objectClass=person)(|(userPrincipalName=adminuser@example.com)(userPrincipalName=auser@example.com)))","type":null},"username":{"encrypted":null,"encrypted":null,"name":"username","value":"cn=laeldap,ou=Warrington Service Accounts,dc=lavastorm,dc=local,dc=com","type":null}}},"containerLocator":"object:!tenant:defaultTenant"},"response":"object:!tenant:defaultTenant~configuration:ui-ldap-import-config-item"}

Create, update or delete a data connection

Log entry User action and example
"auditCode":"dataConnectionCreated" Indicates that a new data connection has been established.

{"timestamp":"2024-03-08T10:25:03.9504991Z","auditCode":"dataConnectionCreated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataConnectionPath":"//System Connections/My Data Connection#data-connection","targetLocation":"","dataConnectionlocator":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"},"response":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"}
"auditCode":"dataConnectionUpdated" Indicates that an existing data connection has been modified.

{"timestamp":"2024-03-08T10:25:18.4251538Z","auditCode":"dataConnectionUpdated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataConnectionPath":"//System Connections/My Data Connection#data-connection","targetLocation":"file:///C:/test/","dataConnectionlocator":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"},"response":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"}
"auditCode":"dataConnectionDeleted" Indicates that an existing data connection has been deleted.

{"timestamp":"2024-03-08T10:25:43.3515003Z","auditCode":"dataConnectionDeleted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataConnectionPath":"/unresolved path","dataConnectionlocator":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"},"response":"object:!tenant:defaultTenant~workspace:systemConnections~data-connection:4733efe0-5c15-4e74-8037-8e1d795cd876"}

Create, delete or move a data directory

Log entry User action and example
"auditCode":"dataDirectoryCreated" Indicates that a new data directory has been created to organize data files. dataDirectoryRenamed is logged as dataDirectoryCreated followed by a dataDirectoryDeleted entry.

{"timestamp":"2024-03-08T10:27:51.0633552Z","auditCode":"dataDirectoryCreated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataDirectoryPath":"//admin/My Data Collection#data-collection/My Data Folder#data-directory","dataDirectoryLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder","targetLocation":"file:/C:/work/git2/analyze/build/installation/installImage/lae/laeServer/shared/admin/My%20Data%20Collection/My%20Data%20Folder/"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder"}
"auditCode":"dataDirectoryDeleted" Indicates that a data directory has been deleted.

{"timestamp":"2024-03-08T10:28:21.1592868Z","auditCode":"dataDirectoryDeleted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataDirectoryLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder_20Renamed"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder_20Renamed"}
"auditCode":"dataDirectoryMoved" Indicates that a data directory has been moved.

{"timestamp":"2024-03-08T10:35:52.4433347Z","auditCode":"dataDirectoryMoved","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"sourceDataDirectoryLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:directory","destinationTargetLocation":"","destinationDataDirectoryLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5572088a-60d8-4762-9959-d27cd5dda81b~data-directory:directory","destinationDataDirectoryPath":"//admin/My 2nd Data Collection#data-collection/directory#data-directory"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:directory"}

Working with data files

Log entry User action and example
"auditCode":"dataFileCreated" Indicates that a data file has been created.

{"timestamp":"2024-03-08T10:28:45.7542081Z","auditCode":"dataFileCreated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFilePath":"//admin/My Data Collection#data-collection/file_1.txt#data-file","targetLocation":"file:/C:/work/git2/analyze/build/installation/installImage/lae/laeServer/shared/admin/My%20Data%20Collection/file_1.txt","dataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-file:file_5F1_2Etxt"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-file:file_5F1_2Etxt"}
"auditCode":"dataFileUploaded" Indicates that a file is uploaded. This will also log a dataFileCreated action.

{"timestamp":"2024-03-08T10:28:45.8004013Z","auditCode":"dataFileUploaded","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFilePath":"//admin/My Data Collection#data-collection/file_1.txt#data-file","dataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-file:file_5F1_2Etxt"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-file:file_5F1_2Etxt"}
"auditCode":"dataFileMoved" Indicates that a file has been moved to a new location. Data File rename is logged as a dataFileMoved.

{"timestamp":"2024-03-08T10:33:01.9015283Z","auditCode":"dataFileMoved","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"destinationDataFilePath":"//admin/My Data Collection#data-collection/My Data Folder#data-directory/file_2#data-directory/file_1.txt#data-file","sourceDataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-directory:file_5F1~data-file:file_5F1_2Etxt","destinationTargetLocation":"","destinationDataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-directory:file_5F2~data-file:file_5F1_2Etxt"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-directory:file_5F1~data-file:file_5F1_2Etxt"}
"auditCode":"dataFileDownloaded" Indicates that a file has been downloaded.

{"timestamp":"2024-03-08T10:28:54.3204607Z","auditCode":"dataFileDownloaded","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFileLocators":["object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-file:file_5F1_2Etxt"],"dataFilePaths":["//admin/My Data Collection#data-collection/file_1.txt#data-file"]},"response":"COMPLETED"}
"auditCode":"dataFileEntryExtracted" Indicates that a file has been extracted from a zip archive. This will also log dataFileCreated and dataDirectoryCreated entries.

{"timestamp":"2024-03-08T10:32:12.2591994Z","auditCode":"dataFileEntryExtracted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"archiveFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-file:file_5F1_2Ezip","dataFileResourcePath":"//admin/My Data Collection#data-collection/My Data Folder#data-directory/file_1#data-directory/file_1.txt#data-file","dataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-directory:file_5F1~data-file:file_5F1_2Etxt"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-directory:file_5F1~data-file:file_5F1_2Etxt"}
"auditCode":"dataFileExtracted" Indicates that the extraction of a zip file has completed.

{"timestamp":"2024-03-08T10:32:12.3601991Z","auditCode":"dataFileExtracted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFileResourcePath":"//admin/My Data Collection#data-collection/My Data Folder#data-directory/file_1.zip#data-file","dataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-file:file_5F1_2Ezip"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-file:file_5F1_2Ezip"}
"auditCode":"dataFileDeleted" Indicates that a file has been deleted.

{"timestamp":"2024-03-08T10:31:36.9416214Z","auditCode":"dataFileDeleted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFileLocator":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-file:file_5F1_2Etxt"},"response":"object:!tenant:defaultTenant~workspace:07a0732c-7140-4627-b594-47b7c13285cf~data-collection:5d772432-e218-4673-85d6-c7a7df24f589~data-directory:My_20Data_20Folder~data-file:file_5F1_2Etxt"}

Create, update or delete a mount point

Log entry User action and example
"auditCode":"fileStoreMountPointCreated" Indicates that a mount point has been created.

{"timestamp":"2024-03-08T10:34:37.9662117Z","auditCode":"fileStoreMountPointCreated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"mountPath":"/Users#directory/admin#directory/My Data Collection#data-collection","effectiveConnection":{"dataConnection":"object:!tenant:defaultTenant~directory:__Root__~directory:systemConnections~data-connection:system-shared-connection","relativePath":"admin\\dc"},"fileStoreMountPointlocator":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c","mountLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:9b940bab-f748-4347-80a0-2e01f0da5327~data-collection:5d772432-e218-4673-85d6-c7a7df24f589"},"response":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c"}
"auditCode":"fileStoreMountPointUpdated" Indicates that the settings for an existing mount point has been updated.

{"timestamp":"2024-03-08T10:39:40.1287284Z","auditCode":"fileStoreMountPointUpdated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"mountPath":"/Users#directory/admin#directory/My Data Collection#data-collection","effectiveConnection":{"dataConnection":"object:!tenant:defaultTenant~directory:__Root__~directory:systemConnections~data-connection:system-shared-connection","relativePath":"admin\\dc"},"fileStoreMountPointlocator":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c","mountLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:9b940bab-f748-4347-80a0-2e01f0da5327~data-collection:5d772432-e218-4673-85d6-c7a7df24f589"},"response":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c"}
"auditCode":"fileStoreMountPointDeleted" Indicates that a mount point has been deleted.

{"timestamp":"2024-03-08T11:51:40.6153284Z","auditCode":"fileStoreMountPointDeleted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"fileStoreMountPointlocator":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c"},"response":"object:!tenant:defaultTenant~mounts:mounts~file-store-mount-point:f0602433-66bd-4093-a5f3-c7bcd91bea4c"}

Working with data collections

Log entry User action and example
"auditCode":"dataCollectionCreated" Indicates that a data collection has been created.

{"timestamp":"2024-03-14T12:00:51.8113536Z","auditCode":"dataCollectionCreated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataCollectionPath":"//admin/My Data Collection#data-collection","dataCollectionlocator":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"},"response":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"}
"auditCode":"dataCollectionUpdated" Indicates that a data collection has been renamed.

{"timestamp":"2024-03-14T13:26:43.0279125Z","auditCode":"dataCollectionUpdated","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataCollectionPath":"//admin/My Data Collection Renamed#data-collection","dataCollectionlocator":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"},"response":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"}
"auditCode":"dataCollectionDeleted" Indicates that a data collection has been deleted.

{"timestamp":"2024-03-14T13:35:50.6318806Z","auditCode":"dataCollectionDeleted","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataCollectionPath":"/unresolved path","dataCollectionlocator":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"},"response":"object:!tenant:defaultTenant~workspace:3f900c41-1e92-462e-88be-53809283b63d~data-collection:b10c17c2-8303-4411-9d7c-7b385e9978f1"}
"auditCode":"dataCollectionMoved" Indicates that a data collection has been moved to a new location.

{"timestamp":"2024-03-14T14:04:48.2233702Z","auditCode":"dataCollectionMoved","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"sourceDataCollectionLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:b0894047-f671-42fb-8069-2c2915766674~directory:12ea94e6-61fa-4e00-91c3-886bde8cf39a~data-collection:f35a94aa-50f5-4300-b0f1-403c19c13275","destinationDataCollectionLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:b0894047-f671-42fb-8069-2c2915766674~directory:4ce39d2a-f688-4b31-8008-d97c0ff843e5~data-collection:f35a94aa-50f5-4300-b0f1-403c19c13275","destinationDataCollectionPath":"/Users#directory/admin#directory/My Folder 2#directory/My Data Collection#data-collection"},"response":"object:!tenant:defaultTenant~directory:__Root__~directory:__Users__~directory:b0894047-f671-42fb-8069-2c2915766674~directory:12ea94e6-61fa-4e00-91c3-886bde8cf39a~data-collection:f35a94aa-50f5-4300-b0f1-403c19c13275"}

Node audit logging

Node audit logs provide a traceable record of file system interactions for node executions withing the application. The node audit log is created under the <siteDir>/logs/nodes/ folder locations.

For each node that executes and attempts to read or write files, an audit log entry and corresponding audit log file is created.

The node audit log file is created under <siteDir>/logs/nodes/<Date>/<User>/<DataFlow>/<runId>/<AutogeneratedId>.log where:

  • <date>: Date when the node executed.
  • <user>: Name of the user who ran the node.
  • <dataFlow>: Name of the data flow the node exists in.
  • <runId>: ID for the "execution-session" or run.
  • <autoGeneratedId>: Auto-generated unique ID.

This node log, once created, is referenced in the lae-audit.lognodeProcessed audit log entry in the "auditLog" argument.

Only nodes that interact with files outside of their temporary inputs, outputs and the libraries will have a corresponding audit log generated. This can still result in a large number of logs, but to ensure full auditing and traceability, the system will not delete or clean up these files. Node audit log file management and archiving is the responsibility of the Data360 Analyze system administrator.

Note: Node audit logging can be switched off by adding the line ls.brain.node.auditNodeFileAccess=false to this configuration file <siteDir>/conf/cust.prop.

Some examples of node audit log entries are listed in the table below, along with a description of how the log entry relates to a user action in Data360 Analyze.

The node audit log entries contain the same parameters as the lae.audit log (timestamp, auditCode, userId, username, tenantName, success) and the following arguments:

Argument Description
dataFlowName Name of the data flow the node is executing in.
dataFlowLocator Locator of the data flow the node is executing in.
runName Name of the run the node is executing within.
executionSessionLocator Locator of the run.
nodeLocator Locator of the node within the data flow.
Log entry User action and example
"auditCode":"fileOpened" Indicates that an attempt was made to open a file, but the operation failed due to insufficient permissions.

This log has the success parameter set to false.

{"timestamp":"2024-04-03T16:57:55.1656576+02:00","auditCode":"fileOpened","userId":"admin","username":"admin","tenantName":"defaultTenant","success":false,"arguments":{"dataFlowLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:08c91198-3121-4bb9-b32f-49fbedcd3c6a~edit-session:9fbc56af-c008-4bcb-a546-c061666de520~graph:acf08e33-96d2-4aab-9834-316deea99f0c","executionsessionLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:08c91198-3121-4bb9-b32f-49fbedcd3c6a~execution-session:aaf03abb-3461-4c5f-8223-081dd89ebed2","openClass":"java.io.File","dataFlowName":"Untitled Data Flow","toResolve":"//Public Documents/AnotherCollection#data-collection/other#data-directory/directory#data-directory/output.brd","permissions":"{READ, READ_CONTAINED, EXECUTE, ACL}","runName":"aaf03abb-3461-4c5f-8223-081dd89ebed2","nodeLocator":"object:element:a8f8df00-c728-44c8-bf60-9b5a6fa1a7ec~child:5e2089c6-1dbc-49c0-b426-2c9f82636db4","resolved":"file:/C:/Work/temp/33180/other/directory/output.brd","openOptions":"WRITE, TRUNCATE_EXISTING, CREATE, MAKE_PATH_DIRS_ON_CREATE"},"error":{"errorCode":"brain.io.missingRequiredPermissionForOpenAction","errorMessage":"Missing required permission on path 'C:\\Work\\temp\\33180\\other\\directory\\output.brd' to perform operation: WRITE. Action requires 'WRITE' permissions however only '[READ, READ_CONTAINED, EXECUTE, ACL]' permissions seen."}}
"auditCode":"fileOpened" Indicates that a file was successfully opened.

This log has the success parameter set to true.

{"timestamp":"2024-02-20T13:12:48.2662283+01:00","auditCode":"fileOpened","userId":"admin","username":"admin","tenantName":"defaultTenant","success":true,"arguments":{"dataFlowLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:81607997-f562-4515-a17c-f8632297dfe3~edit-session:04ffd4d7-5b86-4904-b049-9f792c978cba~graph:2c8d5421-a0c5-45b7-a1ee-a7a2f3341bf1","executionsessionLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:81607997-f562-4515-a17c-f8632297dfe3~execution-session:d8b0595d-70c9-400b-b36e-7aa6ec39ab2d","openClass":"java.io.File","dataFlowName":"Untitled Data Flow","toResolve":"//Public Documents/Public data#data-collection/samples#data-directory/Transactions.csv","permissions":"{AUGMENT, OVERRIDE, OVERRIDE_CONTAINED, READ_CONTAINED, ACL, WRITE_CONTAINED, READ, WRITE, EXECUTE, AUGMENT_CONTAINED}","runName":"d8b0595d-70c9-400b-b36e-7aa6ec39ab2d","nodeLocator":"object:element:83f6b8d3-2279-4863-8e60-700ccffb8efe~child:dd48231c-76a9-4ba8-b18f-009611598da2","resolved":"file:/C:/analyzeMaster/git/analyze/build/installation/installImage/lae/laeServer/shared/Public/samples/Transactions.csv","openOptions":"READ"}}
"auditCode":"resolutionFailed" Indicates that the referenced workspace was found, but the specific file location could not be resolved.

{"timestamp":"2024-04-03T16:55:38.2981489+02:00","auditCode":"resolutionFailed","userId":"admin","username":"admin","tenantName":"defaultTenant","success":false,"arguments":{"dataFlowLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:08c91198-3121-4bb9-b32f-49fbedcd3c6a~edit-session:16604e0a-e31a-43fd-94a6-e30e7452bcf6~graph:d8c78147-daa2-479f-bfea-87b8b48e149c","executionsessionLocator":"object:!tenant:defaultTenant~directory:__Root__~directory:__Temp__~directory:08c91198-3121-4bb9-b32f-49fbedcd3c6a~execution-session:a71c778b-844b-499f-93c9-f2de25086608","dataFlowName":"Untitled Data Flow","toResolve":"//Public Documents/Public datas#data-collection/samples#data-directory/country_data.json","runName":"a71c778b-844b-499f-93c9-f2de25086608","nodeLocator":"object:element:7fd8d0dd-9596-4ae2-a97c-a6efa8f0b940~child:0f86f13c-2f62-4b60-b8c0-8b3afcfaffc9"},"error":{"errorCode":"brain.io.unableToResolveWorkspaceFileStoreLocation","errorMessage":"Unable to resolve a file store location for the provided workspace based object resource path: '//Public Documents/Public datas#data-collection/samples#data-directory/country_data.json'. The referenced workspace 'Public Documents' was located however a file store location for the full path could not be resolved.}}

This log entry may contain the following additional arguments:
  • toResolve: Represents the path requested by the node to resolve to a file system location. In this example, this could be a resource path such as datacollection/other#data-directory/directory#data-directory/output that points to some data or file location.
  • resolved: Indicates the resolved file system path.
  • permissions: Highlights the permissions configured (within the Data360 Analyze application and not file system permissions) resolved for this path. This argument will only be present if the toResolve argument refers to an analyze path, and not a file system location directly.
  • openOptions: If the request was to open a file or input/output a stream or channel, this indicates the options such as read, write, truncate, append, create, etc. that were requested during the open request.