Audit
RPI includes comprehensive auditing features that ensure that details of all significant activities undertaken by users are recorded. These audit records are persisted in the tenant’s InteractionAudit operational database, in the AuditHistory table, and may be viewed using the Operations interface’s Audit Log tab, as well as being queried or reported upon independently.
Audit records have an audit type that describes the general area within which an activity occurred, and a sub-type, which describes the specific type of activity. For example, “Interaction Event” is an audit type, and “Activity Completed” a sub-type.
Audit records are created upon the occurrence of each of the following types of activity:
Audit Type | Audit Sub-Type |
|---|---|
Client Job | Analyze File |
Client Job | Catalog Re-sync |
Client Job | Connectivity Test |
Client Job | Download Asset From ECP |
Client Job | Email Delivery Test |
Client Job | Email Link Test |
Client Job | File Download |
Client Job | File Export |
Client Job | File External Copy |
Client Job | File Import |
Client Job | Fulfillment Test |
Client Job | Joins Refresh |
Client Job | Publish To Web |
Client Job | Delete Staged Email Offer Content |
Client Job | Re-subscribe Contacts |
Client Job | Sample Database Table |
Client Job | Rule Count |
Client Job | Refresh Value Lists |
Client Job | Rule Export |
Client Job | Selection Rule Waterfall |
Client Job | Upload Asset To ECP |
Client Job | Upload File To ECP |
Client Job | Validate And Load File |
Client Job | Validate Audience Definitions |
Client Job | Validate Channels |
Client Job | Validate SQL Expression |
Client Job | Workflow Waterfall Report |
Client Job | AML Model Builder |
Configuration | Clear All Attribute Values |
Configuration | Create Attributes From Database |
Configuration | Delete Attribute Values |
Configuration | Export Seeds |
Configuration | Import Seeds |
Configuration | Manage Attribute Values |
Configuration | Update System Configuration |
File Access | Add Folder |
File Access | Approve File |
File Access | Cancel File Approval Request |
File Access | Copy File |
File Access | Copy Folder |
File Access | Copy From Another Tenant |
File Access | Copy From External Content Provider |
File Access | Copy To Another Tenant |
File Access | Copy To External Content Provider |
File Access | Delete File |
File Access | Delete Folder |
File Access | Deny File Approval Request |
File Access | Export To File |
File Access | Import From File |
File Access | Load File |
File Access | Modify Folder |
File Access | Move File |
File Access | Move Folder |
File Access | Overwrite File |
File Access | Permanently Delete File |
File Access | Rename File |
File Access | Request File Approval |
File Access | Resend File Approval Request |
File Access | Restore File |
File Access | Roll Forward |
File Access | Save File |
File Access | Update Permissions |
Interaction Event | Activity Pause Request |
Interaction Event | Activity Resume Request |
Interaction Event | Activity Skip Request |
Interaction Event | Activity Stop Request |
Interaction Event | Activity Trigger Request |
Interaction Event | Activity Completed |
Interaction Event | Activity Failed |
Interaction Event | Activity Paused |
Interaction Event | Activity Restarted |
Interaction Event | Activity Started |
Interaction Event | Activity Stopped |
Interaction Event | File Download |
Interaction Event | Initialize Audience Test |
Interaction Event | Trigger Deactivated |
Interaction Event | Workflow Activation Request |
Interaction Event | Workflow Completed |
Interaction Event | Workflow Deactivation Request |
Interaction Event | Workflow Failed |
Interaction Event | Workflow Pause Request |
Interaction Event | Workflow Paused |
Interaction Event | Workflow Reactivation Request |
Interaction Event | Workflow Restarted |
Interaction Event | Workflow Resume Request |
Interaction Event | Workflow Rollback Request |
Interaction Event | Workflow Started |
Interaction Event | Workflow Stop Request |
Interaction Event | Workflow Stopped |
Interaction Event | Workflow Termination Request |
Interaction Event | Workflow Trigger Request |
Object Execution | Analysis Panel Refresh |
Object Execution | Attribute Refresh Attribute Values |
Object Execution | Attribute Validate SQL Expression |
Object Execution | Audience Definitions Validate |
Object Execution | Smart Asset Publish |
Object Execution | Smart Asset Unpublish |
Object Execution | Landing Page Publish |
Object Execution | Landing Page Unpublish |
Object Execution | Offer Email Delivery Test |
Object Execution | Offer Test Email |
Object Execution | Offer Test Links |
Object Execution | Offer Test SMS |
Object Execution | Selection Rule Count |
Object Execution | Selection Rule Export |
Object Execution | Selection Rule Waterfall |
Object Execution | Unstage |
Operations | Force Workflow Status |
Operations | Trigger Snapshot |
Operations | Update Snapshots |
Operations | Update System Task |
Security | Edit User (including details of current and previous user groups) |
Security | Create User Group |
Security | Delete User Group |
Security | Edit User Group (including details of current and previous permissions) |
System Access | Change Password |
System Access | Change Registered Alerts |
System Access | Change User Details |
System Access | Login |
System Access | Login Failed |
System Access | Log Out |
System Access | Reset User Password |
In addition, if cluster configuration setting AuditTaskEvents is set to True, the following events are audited:
Audit Type | Audit Sub-Type |
|---|---|
System Task | Started |
System Task | Completed |
The Audit History table has the following structure:
AuditID: a unique identifier for the audit record; an incrementing, system-supplied integer.
UserName: depending on whether the auditable action was undertaken explicitly by a user or upon the RPI server by one of its workflow service instances, either the username or workflow manager service instance ID.
ComputerName: the name of the computer upon which the auditable act was initiated. This might be the user's client application machine, or the RPI server machine.
ComputerIP: the IP address of the same computer.
ServerName: the name of the RPI server that handled the auditable action.
AuditTimestamp: date/time when the action occurred (in Universal Time).
ObjectID: GUID representing the unique identifier of the object in respect of which the action was undertaken (e.g. a selection rule). Given that an action may occur without involving an object (e.g. a user signing in), this field is nullable.
ObjectName: name of the object against which the action was undertaken. Nullable.
ObjectFolder: the full path of the RPI file system folder within which the object is stored. Nullable.
VersionMajor
VersionMinor
AuditType: textual description of the general type of audited activity.
AuditSubType: textual description of the specific type of audited activity.
Details
ClassName
AssemblyName