HomeGuidesRecipesAPI
HomeGuidesAPILog In

Logging and Retention

πŸ“˜

Deployment Availability

Some logging settings are restricted depending on deployment architecture.

Logs providing diagnostic and auditing information are kept by SmartIQ, available to authorized administrators. The logs are categorized based on their type, for example, a system error is different to audit records such as a change of password. How long each category of logs is stored is configured in Retention Settings.

πŸ“˜

Personally Identifiable Information (PII) and Encryption

Binary and text data containing PII is encrypted before storage.

Retention Settings

Retention settings determine the length of time the logs are kept. This setting can be changed in Manage > Settings > Retention.

Each setting has a default as seen in the screenshot below.

πŸ“˜

Maximum Setting

Multi-tenant environments can only retain logs up to 365 days.

⚠️

Deployment Availability

These settings are restricted on multi-tenant deployments, including all cloud environments hosted by Smart Communications; only "Version History Maximum", "Temporary File Storage Period (Hours)" and "Generation Log (Days)" can be set on these environments.

For more information on each setting:

πŸ“˜

Retention period changes

If retention periods are reduced, the new value will apply immediately to all existing data. At the next scheduled clean-up, all data that lies outside the new retention values will be removed.

Version History Maximum

Sets the maximum number of revisions to Projects and Content Items to retain, allowing a rollback where necessary.

πŸ“˜

Project major and minor versions

Each save to a project in Design represents a minor version, whereas a major change is defined as when the project is closed and the designer is prompted for version comments (optional).

Generation Log

Records within then generation log track a progress once a user has opened a new form or workflow state. The record tracks:

  • General metadata such as user, date started updated, etc.
  • Whether the user exited the form unexpectedly, allowing recovery.
  • The latitude and longitude of the user (where configured)
  • The current user’s (or culmination of users where a workflow is involved) final response to each question within the form at the time the record was

Generation logs can be demanding on storage. Where possible, the default of 365 should be reduced.

Management Console displays information or errors associated with generation logs, such as an error encountered when attempting to run an Action. These logs can be accessed from Manage > Management.

Click View for additional information.

Event Logs

The Event log tracks errors, warnings, and other events useful to system administrators. Records are viewed from Manage > Event Logs by administrators with the "View event log" permission.

The default number of days that SmartIQ keeps Event logs is 90 days.

Keep Workflow History and Workflow Logs

Granular logs pertaining to each state within a workflow are kept by SmartIQ. Each records tracks the user, create date, updated date, state within the workflow, completeness and, most importantly, the actual responses made during the state. These records allow the tracking of changes throughout a workflow. For example, user1 responded with Apple and user2 changed the response to Banana.

Enabling the keep workflow setting will keep the completed records after the workflow has been completed in full.
Workflow data can be large in volume thus, by default, completed workflow records are removed. When configured to be kept an appropriate workflow logs retention should be considered.

Store Location Data

When configured, stores IP/location upon user login.

Audit Logs

Audit Logs record administrative activities and accesses within SmartIQ that are security related and can provide evidence for compliance and auditing admin activity. Logs include activities such as: Login/Logout attempts, updates to users, other system entities etc. Each record contains data such as the user and date of the event it is tracking.

Auditing is enabled or disabled from Manage > Settings > General > Enable Auditing.

Audit logs are not available from the Manage interface and require database access to the AuditLog table. Enabling audit logs add large volumes of data and should only be enabled when necessary with an appropriate retention setting.

The following table indicates what actions are logged into the Audit Log.

Event

Manage

Admin API

Produce

Account access control - User logged in

βœ…

βœ…

βœ…

Account access control - User login failed

βœ…

βœ…

βœ…

Account access control - Temporary User access failed

βœ…

Account access control - User changed password

βœ…

Account access control - User reset password

βœ…

Approvals - Create/Edit Approval

βœ…

Approvals - Delete Approval

βœ…

Approvals - Restore version of approval due to project version restore

βœ…

Categories - Create/Edit Category

βœ…

Categories - Delete Category

βœ…

Content Folders - Create Content Folder

βœ…

βœ…

Content Folders - Edit Content Folder

βœ…

βœ…

Content Folders - Delete Content Folder

βœ…

βœ…

Content Library - Approve Content Item

βœ…

Content Library - Export Item

βœ…

Content Library - Create Category

βœ…

Content Library - Create/Edit Item

βœ…

βœ…

Content Library - Delete Item

βœ…

βœ…

Content Library - Export Historical Item

βœ…

Content Library - Delete Content Item Folder

βœ…

Content Library - Restore version of Content Item

βœ…

Create User Action - Create/Edit User

βœ…

Custom Fields Create/Edit Custom Field

βœ…

Custom Fields Create/Edit Metadata Custom Field

βœ…

Data Connections - Create/Edit Data Connection

βœ…

βœ…

Data Connections - Delete Data Connection

βœ…

βœ…

Data Connections - Delete Data Connection folder

βœ…

Data Objects - Delete Data Object

βœ…

βœ…

Data Objects - Create/Edit
Data Object

βœ…

βœ…

Data Objects - Access denied to data object schema

βœ…

Data Objects - Create/Edit Custom Data column

βœ…

Data Objects - Delete Custom Data column

βœ…

LDAP Identity Provider - Create/Edit User from LDAP Login

βœ…

LDAP Identity Provider - Create/Edit User from LDAP Sync

βœ…

License - Update License

βœ…

Projects - Edit Project

βœ…

βœ…

Projects - Delete Project

βœ…

βœ…

Projects - Export Project

βœ…

βœ…

Projects - Delete Project Folder

βœ…

Projects - Access denied to project during export

βœ…

Projects - Restore Project version

βœ…

Projects- Import Project

βœ…

Project Submission - Cancel Project Generation

βœ…

Project Sync Pack - Export Sync Pack

βœ…

Project Sync Pack - Begin Import Sync Pack

βœ…

Project Sync Pack - End Import Sync Pack

βœ…

Published Projects - Unpublish Project

βœ…

Published Projects - Publish Project/Edit Project Publish

βœ…

βœ…

Publish Folders - Create Folder

βœ…

Publish Folders - Edit Folder

βœ…

Publish Folders - Delete Folder

βœ…

Roles - Create/Edit Role

βœ…

βœ…

Roles - Delete Role

βœ…

βœ…

SAML Identity Provider - Create/Edit User from SAML Login

βœ…

Scheduled Projects - Pause All

βœ…

Scheduled Projects - Cancel All

βœ…

Scheduled Projects - Resume All

βœ…

Scheduled Projects - Pause Selected

βœ…

Scheduled Projects - Cancel Selected

βœ…

Scheduled Projects - Edit Scheduled Project definition

βœ…

Scheduled Projects - Delete Scheduled Project definition

βœ…

Scheduler - Automatic removal of Data Controller role from user(s)

βœ…

Sequences - Create/Edit Sequence

βœ…

Sequences - Delete Sequence

βœ…

Settings - Update Settings

βœ…

βœ…

Settings - Update Connector Settings

βœ…

βœ…

Settings - Import Theme

βœ…

Settings - Export Theme

βœ…

βœ…

Settings - Access denied to system theme during export

βœ…

User Groups - Create/Edit Group

βœ…

βœ…

User Groups - Delete Group

βœ…

βœ…

Users Groups - Edit Group Address

βœ…

Users - Create/Edit User

βœ…

βœ…

Users - Export Users

βœ…

Users - Edit Roles/Groups

βœ…

βœ…

Users - Delete User

βœ…

βœ…

Windows AD Identity Provider - User Login

βœ…

Windows AD Identity Provider Create User - Basic Windows Authentication

βœ…

Windows AD Identity Provider - Create/Edit User from Windows Authentication Login

βœ…

Windows AD Identity Provider - Create/Edit User from Windows Authentication Sync

βœ…

Workflow - Terminate Workflow Task

βœ…

βœ…

Workflow - Unlock Workflow Task

βœ…

βœ…

Workflow - Unlock Concurrent Workflow Task for edit

βœ…

Workflow - Reassign Workflow Task to user

βœ…

Workflow Reassign - Create Temporary User for recovery of task

βœ…

βœ…

Workflow Save - Create Temporary User via workflow assignment

βœ…

Client API (all areas) - Action with User Impersonation*

βœ…

*This applies to the client API: any action with user impersonation enabled