Access and Audit Trail Details

The Access & Audit Trail audit view displays the information from the context of the the current user logged in from the system.

This means from the context of the user who is viewing the audit information.

Event Header

The Event Header indicates which type of event was encountered in this Access and Audit Detail.

Event Information Panel

The Event Information Panel displays detailed information about the event. The following fields are shown:

Event Fields

Field
Description

EID

The unique identifier of the event.

Action

The action performed by the user (e.g. Execute, Creation, Read, Update, Delete).

Event

The type of event associated with the action (e.g. Security Alert, Authentication, Import Data, Export Data, Query).

Timestamp

The date and time when the activity was performed.

Outcome

The result of the action (e.g. Success, Minor/Moderate Fail, Serious Fail, Major Fail).

Process

The process in which the instance of the application is running on (e.g. PID XXXXX)

Source

A number representing the source of the entity.

Network Panel

The Network Panel illustrates the nodes that this event traveled across.

In this example, the event originated from the webserver on 127.0.0.1 and executed the Update action onto the ICDR named office-pc.

Below the diagram, the URL used to trigger the event is displayed.

Users and Computers Panel

The Users and Computers Panel shows a table of entities involved in the event.

The following User and Computer fields are shown:

Column
Description

Username

The display name of the user associated with the event.

Machine

The IP address or hostname of the client, server, or device involved.

R

Indicates the entity viewing the audit.

Roles

A number representing the role, or humanuser if the entity/client/server was a human user.

Data and Objects Panel

About this Example

In this example, the Entity is displayed as a section for the SecurityAlert.

❗However, the section displayed depends on the type of event.

The Data and Objects Panel has one section:

  • 🏷️Entity Section

Event Type Reference

  • 🚨 Security Alert → An event related to a security alert.

  • 🔐 Authentication → An event related to authentication within the system or by an external entity.

  • ↪️ Import Data → An event related to importing data into the system.

  • ↩️ Export Data → An event related to exporting data from the system.

  • 🔍 Query → An event related to searching or filtering data within the system.

Entity Section

This section displays information about the related Entity for the Access and Audit Trail record

The following Entity fields are shown:

Field
Description

Type

The type of Entity (e.g., SystemObject).

Role

The role associated with the Entity (e.g., Report).

Lifecycle

Indicates the lifecycle state of the object (e.g. Creation, NotSet, Disclosure, Access, etc...).

ID Type

Indicates the identifier type (e.g., UserIdentifier, SearchCriterion, Custom, etc...).

PreviousAccess and Audit TrailNextLocking a Device

Last updated