Auditing

  • Updated

Introduction

Records365 provides a comprehensive Audit Log of all actions that take place on a record, both in the Content Source (where supported by each connector) and in the Records365 platform itself.

Each record within Records365 maintains its own unique audit log, which merges together the list of all audited activities from the Content Source and the Records365 platform. These activities might include a document being viewed or checked out in the Content Source, or being reclassified in Records365.

Viewing the Audit Log

To view the Audit Log for a record, click on the Audit tab when viewing the Record Details page.

rm-audit1.png

Each row in the Audit page provides the details of an action that was performed on the Record. The details include when did the action occur, who performed it, the type of action, where did it occur (Source) and a description.

The Source column shows whether the audit is coming from Records365 (Records Management Platform) or from your Content Source. The Action column shows the Audit Event type.

Audit event types

Filtering Event Types

When there are several audit events, you can use the Filter panel above the Audit events table to filter specific audits for a Record. The filtering feature looks up partial matches for the text (you input in the filter panel) in the Action column of the Audit tab, and displays only relevant audit events.

Below is a list of what each Audit Log entry means specifically in Records365:

Audit Event Type Operations to be Audited Username Description
Record Created When a Record is created in Records365. The name of the connector or module responsible for creating the record. [objectType] [title] was Created by [userName]
Record Viewed When a Record is viewed in Records365. Name of the Azure Active Directory user who viewed the record in Records365. [objectType] [title] was Viewed by [userName]
Record Modified When a Record is modified in Records365. This also creates a new version of the record. Either the name of the connector or module responsible for updating the record, or System for internal operations. [objectType] [title] was Edited by [userName]
Record Added to Freeze/Hold When a record is added to a freeze/hold. The logged in user who added the record to the freeze/hold. [objectType] [title] was added to freeze/hold [freeze title] by [userName]
Record Removed from Freeze/Hold When a record is removed from a freeze/hold. The logged in user that removed the record from the freeze/hold. [objectType] [title] was removed from freeze/hold [freeze title] by [userName]
Record Access Modified When new groups or users have been given access to the item. The logged in user that added/removed users/ groups to the Physical Profile Security Trimming section. Access to [objectType][title] has been modified by [UserName]:  [group /user email] [action], [group / user email] [action].

*action can be: added or removed

Record Retention Schedule Updated When a record’s retention schedule is updated via the Record Category/Disposal Class view. The logged in user that updated the retention schedule. [objectType] [title] retention schedule was updated by [userName]
Record Exported When a record is exported in Records365. The logged user that triggered the action for exporting the record. [objectType] [title] was Exported to [Export Format] by [userName]. Reason: [Export Reason]
Record Sent for Loan When the entire loan request is checked out, and all the items within it are updated with this audit event. The logged in user that initiated the checkout event. Record Sent for Loan [Loan ID] by [userName]
Record Returned from Loan When the entire loan request is returned, and all the items within it are updated with this audit event. The logged in user who initiated the return event. Record Returned from Loan [Loan ID] by [userName]
Record Disposal Rejected When one of the approvers rejects the record for disposal. The logged in user who rejected the disposal (Disposal Approver). [objectType] [title] was Rejected for disposal by [userName] with comments: “[Disposal Approver Comments]”
Record Destroy Initiated When a user clicks confirm for the disposal confirmation and the status is changed to ‘Destroy In-Progress’. The logged in user that initiated the destroy event. [objectType] [title] was submitted for disposal by [userName] with comments: “[Disposal Comments]”
Record Destroyed When the Record status is changed to ‘Destroyed’. The logged in user that initiated the destroy event. [objectType] [title] was destroyed by [userName]
Record Destroy Failed When the Record status is changed to ‘Destroyed Failed’. The logged in user that initiated the destroy event. [objectType][title] submitted for destruction by [userName] was not destroyed. Reason: {connector failure message}
ML Classified

When the record is either:

  • Auto Accepted as it meets the minimum threshold.
  • Provided a suggested category by Classification Intelligence.
Records Management Platform [objectType][title] was [objectType] ML Classified by Records Management Platform.
Requested Resubmit

When the record has been submitted for resubmission.

The logged in user that initiated the resubmit event. [objectType][title] was Resubmitted by [userName].
Requested Process Signals

When the record has been submitted for signals re-process.

The logged in user that initiated the signals re-process event. [objectType][title] was Requested Process Signals by [userName].

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request