Admin Guides

Share

Is this article helpful?

Last updated:

Workspace System Audit Events Overview

Note: This article has recently been added to our Knowledge Base. Thank you for your patience as we continue to make improvements.

The following article provides a brief overview of Audit Event entries and their meanings. This overview can be helpful when searching through the Workspace System Audit Events tab or an Audit Events export.

The System Audit list can be accessed by navigating to Admin Tools > Audit Events > System Security Events.

Note:This feature is permission-related, so the correct admin permissions are required before it will be accessible.

Key Fields for Audit Events

The key fields for the audit events are as follows:

  • Created: This field provides the date and time stamp of when a change was made and when an audit event was logged.
  • Name: This field is the name of the audit entry, and what exactly occurred.
  • Zone: This field refers to the zone name where the audit entry was created.
    • For general Workspace events, such as logins, authentication, and system role changes, these will be logged as None, as they occur on the platform itself and not in a specific zone.
  • Owner: This field references the email address of the user who created the audit event.
  • IP Address: This field refers to the IP address of the Audit Entry Owner.

Authentication Events

All authentication events will be logged against the user accessing the Workspace. As this is a system access, it isn’t logged as an event against a particular zone, meaning the Zone field will appear as None.

Notification Email Events

Notification email events are also referenced here. This area can be used to reference whether a user has received a notification email from the system. The Owner field in this case is the recipient of the notification email.

This audit entry can be expanded by clicking on it. Details such as the Zone Name will be displayed.

File Access Entries

File or folder entries also create a separate set of entries on the audit log. These are listed as follows:

  • Downloaded by Online Editor: This entry indicates that the editor has successfully converted the file, and it is now ready for the user to preview. This entry doesn't mean that the user has downloaded the document, but that the editor is ready to be used.
  • Opened for Editing in Online Editor: This entry indicates that the user has successfully opened the file in question.
  • Viewed in Online Editor: This entry indicates that the user has opened and viewed the file.
  • Edited and Saved in Online Editor: This entry indicates that the user has made and saved the edits.

Anonymous Access with Public Shares

The Public Share option allows for access to a specific file without requiring the user to log in or authenticate to an account. This feature is only present for files and not entire zones or folders.

  • All Public Share files will be logged as accessed by Anonymous@Workspace.user.
  • The File Name and IP will be present for these types of audit entries.

Other Zone Change Events

There are also further events as follows:

  • Zone Activated: This event lists when a zone is reactivated from either the Recycle Bin or Zone Archives list.
  • Zone Archived: This event specifies when a zone has been added to the Zone Archives list.
  • Zone Deleted: This event specifies when a zone has been deleted.
  • File Moved: This event specifies when a file has been moved to a new location.
  • File Modified: This event specifies when a file has been edited.
  • File Added: This event indicates when a file is added. This event also specifies the zone in which the file was added.
  • Zone Details Modified: This event specifies a zone where the Properties have been modified, such as the title or description.

Was this article helpful?

1 out of 1 found this helpful

Can't find what you're looking for?

Contact Support