Exporting Audit Data

Whenever a change is made to a user profile, information about that change is written to the Console audit log: any action that creates, deletes, or modifies a user account in any way is recorded in the log:


agent_capture_client_id,agent_email,agent_id,agent_label,agent_uuid,origin_component,
signed_data_client_description,signed_data_client_id,target_capture_application_id,target_capture_
entity_type,target_capture_uuid,target_field_current_value,target_field_path,
target_field_previous_value,transaction_committed,transaction_id,transaction_start,
type c5ukftq8n6fene4mgw6bvbhb5vj87rps,lgalaviz@janrain.com,,,
277a966f-37e6-4ce8-9abc-61b77ca6ae3f,,TBD dragons,kskmfn2sxu4ysuvrzv8cs57wa53rzums,
wzm8bdgztq83dxcrfh247g3vgt,user,f467d27a-e4f1-4c1b-bd18-24d47b6ac3f8,,aboutMe,,
2018-02-22T19:16:46Z,,,create

If you look closely, you’ll see that this audit log entry (and all audit log entries, for that matter) contains the attributes detailed in the following table (although, depending on the change and who made it, not all the attributes will contain values):

Name

Show Audit Data

Description

agent_capture_client_id

Change By

ID of the API client associated with the API call. This is the same ID found on the Manage Properties page. For example:

xyv3q7xhces2yy7cumgrte24epx4m2st

agent_email

Change By

Email address of the agent who made the change. This attribute will be blank unless the task was carried out by a Console agent. For example:

janrain.admin@janrain.com

agent_id

Reserved for future use.

agent_label

Reserved for future use.

agent_uuid

UUID of the agent who carried out the task. This attribute will be blank unless the task was carried out by a Console agent. For example:

8e0a488-c00f-4a81-9e74-c414242778b0a

origin_component

Reserved for future use.

signed_data_client_description

Description of the signing client. This attribute will be blank unless the task was carried out by a Console agent. For example:

ccp-cluster-credentials

signed_data_client_id

Client ID used to sign any ancillary data delivered along with the logdata header interface. This attribute will be blank unless the task was carried out by a Console agent. For example:

6yeruen7567ntfgv233eemz5w6aw4by6

target_capture_application_id

ID of the application used when making the API call; application IDs can be found on the Manage Application page. For example:

htb8fuhxnf8e38jrzub3c7pfrr

target_capture_entity_type

Name of the database schema (i.e., the entity type) that was updated. For example:

user

target_capture_uuid

UUID of the user profile that was modified. For example:

bc90747f-ebc0-4fc2-8f38-c393d64a8248

target_field_current_value

New Value

New value assigned to the modified attribute. For example: 2017-09-25 15:20:52.18615 +0000

target_field_path

Field Changed

Name (path) of the modified attribute. For example:

lastUpdated

target_field_previous_value

Previous Value

Value that was assigned to the attribute before the modification was made. For example:

2017-09-21 20:14:32.532408 +0000

transaction_committed

Time Updated

Date and time the modification took place. For example:

2017-09-25T15:20:52Z 00

transaction_id

Reserved for future use.

type

Type of operation performed: create, update, or delete. For example:

update

Note. In the preceding table, the Show Audit Data column corresponds to the columns used when you choose to display audit data onscreen instead of downloading that data.

Good question: how do you get access to all this log data? In the Console, you gain access to log entries by exporting audit data for a user (you can only export audit data for a single user at a time). To export this data, and to view the data onscreen, complete the following procedure:

  1. From the Manage Profiles page, click the user profile containing the audit data you want to export.
  2. From the user profile Edit page, click Export Audit Data:

     
  3. On the Export Audit Data tab, select a time interval (30 days, 60 days, 90 days) for the export:
     
  4. Click Show Audit Data. The audit data is displayed onscreen:
     
Note. The preceding procedure was carried out in an application where Customer Care Portal has been enabled. If you are not using Customer Care Portal, you'll follow the same procedure; you just won't see the Edit Profile option.

As you can see, the onscreen display includes only a handful of audit data fields (although, arguably, these are the fields you’re probably most interested in). Despite that seeming-limitation, Janrain strongly recommends viewing audit data onscreen whenever possible. Why? Because audit data always includes personally-identifiable information (PII). The chances of someone stumbling upon PII that they shouldn’t have access to is lessened if that data is displayed onscreen (and then disappears from sight when you access another page in the Console). By comparison, downloading and saving CSV files, each file containing PII, increases the chances of that data being exposed.

If you need to download data, however, you can complete the same procedure and then click Download CSV File instead of Show Audit Data. Clicking Download File downloads audit data to a comma-separated values (CSV) file with a name similar to this:

profile-audit-data-f467d27a-e4f1-4c1b-bd18-24d47b6ac3f8.csv

In the preceding file name, f467d27a-e4f1-4c1b-bd18-24d47b6ac3f8 indicates the UUID of the user whose audit data was exported.

Note. We should also mention that the CSV file is downloaded directly to the Downloads folder configured for your web browser. You cannot save the file to any directory other than that.

When downloading audit data, as we saw previously, you can export all audit data for the last 30 days, the last 60 days, or the last 90 days.

In addition to those predefined intervals, the Select Dates option enables you to pick a specific time interval for downloading audit information any time within the last 90 days; for example, you might choose to look at audit activity that took place only between September 8 and September 15, 2018:

To return data for a specific time range, click Select Dates and then click the Start Date calendar icon to display the date picker:

Click a start date, then repeat the process to select an end date.

Note that, when you display the date picker, you’ll initially see a calendar only for the current month:

Does that mean you’re limited to time intervals that occurred only in this month? No. If you want to set a date for a month other than the current one, just click the displayed month name (e.g., Oct 2018). In turn, you’ll see a list of months similar to this:

To select a start date in, say, September 2018, just click the appropriate month and then click the start date.

If you look closely at the preceding calendar, you’ll notice that some of the months (like January through June) are unavailable. Why can’t you select those those months (and, by extension, any days within those months)? There’s a good reason for that: audit data is only maintained for 90 days. That means that you cannot select a start date (or a start month) from 91 or more days ago.