Overview
Within the CareAR Administration menu of the CareAR Admin Portal, tenant administrators can see what activities have happened on their tenant. We will show configuration changes and basic user activity on the portal. We also include system changes, and any provisioning change invoked via the provisioning API. User activity via the apps and clients is not in the scope for the audit log feature.
The audit logs are categorized as:
• User administration
• User access
• Experiences
• Connector Center
• Surveys
• Administration settings
• Provisioning API
Note that logs are only generated for tenant portal actions that happen once the platform is upgraded to release 24.03. No activity is logged as an audit log prior to the platform upgrade to release 24.03.
The audit logs are loaded chronologically (with newest log at the top) using our conventional table format. Each column of the audit log table corresponds to each field in the audit log.
Audit Log Format
Each audit log includes the following fields:
- date
- time
- username of user responsible for action
- for system events, as in automatic expiration of the tenant, the user “System” is used
- for provisioning actions via the provisioning API, the user “Provisioning API” is used
- for actions via the super-admin interface, the user “CareAR Operations” is used
- event category {user administration, user access, experiences, connector center, surveys, administration settings, provisioning API}
- event description
Even if an account is removed, the user responsible for the event will be stored and presented.
Presentation Options
By default, the presentation of the audit logs is in chronological order, presenting the newest log first.
The tenant admin can sort based on field, filter based on event category, and if groups are defined and used, filter based on user group.
Also, the tenant can focus on the time frame of interest per our standard table options (Last 7 days, Last 30 days, Last 12 months, Custom date range).
Audit Log Export
Tenant admins can export the audit logs based on the presentation option set when the EXPORT button is clicked. The logs are then exported to a CSV file with file name format, AuditLogs_YYYYMMDD_HHMMSS.
Data Retention Settings
Data retention period for the audit logs is configurable by clicking the SETTINGS button. The units are in days, with a range of 30 to 180 days. The default setting is 90 days. For logs that are older in age than the value specified for the data retention, the system removes those older logs.
Notes on GDPR’s Right to be Forgotten
For the occurrence that a CareAR user wishes to be forgotten in accordance to the GDPR, once the “forgotten” action is taken by CareAR Operations, for any audit log attributed to that user, CareAR overwrites the username with the user’s GUID.