The Audit log within account administration contains the audit log of:
- All activities related to account settings.
- All user sign in, sign up events, and actions.
- High-level activities such as flow creation and deletion.
The account level Audit log is available to the Account Owners, Super Admins, and User Admins.
You can get the following details from the Audit log section of your account:
- Audit ID: This is a unique ID generated automatically by the system for every event recorded as part of the history.
- Timestamp: The exact time when a specific action happened or was performed.
- Actor: The account user who acted.
- Action: The kind of activity or action that had taken place. Examples include Dataset permission change, Account ownership transferred, User activated, Account security updated, Field modified, IP address, etc.
- Object: The object or the underlying resource that is being changed
- Event category: Common name for an event that you can use to filter down to similar events. Examples: Process Administration, Case Administration, etc.,
- Platform: The device or Operating System (OS) used to record the event.
- IP: The network IP address of the recording device.
- Batch ID: This is a unique ID generated automatically by the system for a group of related events. Unlike Audit ID, the Batch ID of these events will be the same for reference purposes.
All entries in the audit log get reflected in the user interface with a slight delay. This delay ranges from a few seconds to a maximum of four hours in some instances.
Interpreting the audit log
When you expand each entry in the audit log, based on the type of action performed, you will see data highlighted in three colors: green, red, and yellow. Each color has a distinct meaning that's explained below.
Green: This color indicates new data recorded as part of the new event. For example, when a new process gets created, all the field data, like process name, owner, user role, etc., is recorded for the first time and is highlighted in green.
Likewise, adding a new user would result in the user details such as First Name, Last Name, Manager, Department, etc being recorded for the first time in green.
This color indicates new data recorded as part of the new event. For example, when a new form is published, all the new fields created before the publish are recorded for the first time, highlighted in green.
When values are entered in the fields in a form and when the item is submitted, the new values entered are recorded in green.
Yellow: When there is a change in the recorded data, the color yellow is used to highlight that change. For example, when there is a change in the user's name, both the existing name and the newly recorded name get highlighted in yellow to showcase the difference.
Red: When some recorded data is removed from the audit log and not replaced with new data, red is used. For example, when a user is removed from your Kissflow account, all recorded information associated with that user gets removed. When a value in a field in a form is removed and when the item is submitted, the removed value gets recorded in red.
On the Audit Log page, click the Expand button () beside a field filter
to sort a field in ascending or descending order.
- On the Audit log page, click the Expand button () beside a field filter
to search for a specific entry.
- Use the search box ( ) to search for the necessary term.
You will be able to filter the Audit log events based on the following fields/criteria:
- Audit period
- Last 30 days: Get event information for the previous 30 days from the current date
- Last 60 days: Get event information for the previous 60 days from the current date
- Last 90 days: Get event information for the previous 90 days from the current date
- Custom date range: Select a customized date range to filter events
- Object: Select one or more objects from the suggestions or enter the exact object name you would like to derive the log details.
Event category: Filtering events based on event categories is one of the recommended ways to get specific events from the Audit log section. If you are unsure how to go with the event category, enter a flow name like "process" or "case" in its search bar, and it will list all the categories relevant to the flow type you just entered.
- Actor: You can select one or more account users to filter events based on users.
- Action: Enter a relevant action in the field's search bar or select one from the suggested list of actions as necessary. You can filter events based on only one action at a time.
- Audit ID, Batch ID, & IP: Filters are applied on these fields mostly to backtrace an event's history. Enter the exact Audit ID, Batch ID, or IP address to filter events as necessary.
Removing filter conditions
Applied filter conditions will be highlighted in blue as in the above screenshot and to remove a specific filter condition, hover over the condition and click the Remove button () to clear it.
Exporting an audit log
On the Audit log page, click the Export button ( ) to export the audit log as a file. An email with the download link will be sent immediately to your registered email address from where you can download the file.