Skip to main content

EHS | Understanding Audit Trails

WHAT IS AN AUDIT TRAIL?

The Audit Trail is a tool designed to empower customers, partners, the support team, and the implementation team with the tools they need to investigate record changes.

The highlights of what a user can learn from an Audit Trail include:

  • View changes to a particular module record or subform over time.

  • Date filtering, column filtering, and text search to allow an investigator to quickly seek out the values or responses they are looking for.

  • Reports on which USER, SCHEDULE, AUTOMATION, or IMPORT made a record change to assist with investigation.

  • Record IDs are included to aid in investigation when specific records are referenced.

  • Where other records are referenced, record links are clickable, including to automations, location, and user records.

  • When fields are referenced, output codes and field types are included to assist with investigation.


WHO CAN ACCESS AN AUDIT TRAIL?

Not all Users will be able to view the Audit Trails in the system, as access to this feature is associated with the user's assigned Role. Access to audit trails is granted via "Special Permissions" column for each module in the Roles section of Settings. Additionally, a user will need at least Read rights to a record.


AUDIT TRAIL: MODULE RECORDS

THE PRIMARY FILTERS

At the top of the page, where it says “Created Anytime”, it is possible to filter events based on a Start Date, End Date or a date/time range. To the right of the creation date filter is a Search box that allows an investigator to search by any string to immediately filter the results down.

THE SECONDARY FILTERS

Though the primary filters by themselves are already very powerful, this view also includes a set of secondary column filters.

You may filter by:

  • User: Find all changes made by a specific user/automation/import 'x'

  • Event Type: Find all 'update' events

  • Record Type: Find all changes to 'Involvements'

  • Attribute: Find all 'Workflow' changes.

THE COLUMNS

  • Date/Time: The date/time that the event occurred.

  • User: Refers to how the change was made. Most commonly this is a user, but it can also be an Automation or Import. As you can see in the screenshot above, this column will also return the ID of the attribution as well as a clickable link, if applicable. This column in particular is valuable for investigations.

  • Event: The type of change, whether it's a Create/Update/Delete type event.

  • Record Type: what TYPE of record was updated. For subforms, this can really only be the Record or Form Response; for module records, this can include Actions, Involvements, Confidentialities and many other record types.

  • Details: Information about the Record in the 'Record Type' column to help an investigator understand it. For example, if it's for an action, it will simply return the ID of that action, but for a Form Response change, it will also return the name of the question, the output code, and the response type.

  • Attribute, Previous Value and (current) Value:
    Though these are three separate columns, they are all related. Attribute describes the value associated with the record type that was updated. Previous Value shows what the value was before the change, and the Value column shows the value after the change. Some updates result in multiple attribute changes related to the 'Record Type'. These fields provide that clarity.

  • Record Types - gives a glimpse into how information is managed in the EHS Platform. The available options in the record type column are:

    • Record (Main Form audit trail only)
      Any changes made to the module record itself. These include things like location, score, and workflow changes.

    • Form Completion (Subform audit trail only)
      Any changes made to the subform completion itself. These include things like score and state changes.

    • Form Response
      Any changes made in a field within any form. This primarily includes the response from/to value.

    • Indicator (Main Form only)
      Any changes made to indicators. Changing an indicator will show as deleting the old indicator and creating a new one.

    • Involvement (Main Form only)
      Any changes made to involvements. Changing an involvement will appear as deleting the old involvement and creating a new one.

    • Confidentiality
      Any changes made to Confidentiality. Changes to confidentiality are represented by users being added or removed.

    • Action (Main Form only)
      Any changes made to Actions. All attribute changes to an action show within one transaction.

    • Comment (Main Form only)
      Any changes made to comments on the right-hand bar.

    • Record relation (Main Form only)
      Any changes made to record relations. These refer specifically to the relationships referenced in the 'Relationship' many-to-many relationship field.

    • Attachment (Main Form only)
      Any attachments uploaded to the right-hand bar.

One of its quirks that is worth understanding is that 'Form Responses' show as separate events to a 'Record' or 'Form Completion' update. They are entirely separate entities.

ACCESSING THE MODULE RECORDS AUDIT TRAIL

If a user has at least Read rights to a record and has been granted access to view an Audit Trail via their role, for applicable records in applicable modules they will see the following two menu items:

Main Form Menu:

Subform menu:


AUDIT TRAIL: MODULE CONFIGURATION

This Audit Trail tracks most configuration changes within the module. Not everything is included, as there's just too much information for it to be useful once you get over a certain threshold - so we've made informed decisions on how to break it up.

In many ways, the Module Configuration Audit Trail is SIXTEEN separate audits compiled into one. The Module Config Audit will cover the following areas:

Module Settings

Main Form Configuration

Workflow & Workflow Links

Indicator Sets & Indicators

Involvement Types

Relationships

Tab Section Features

Relation Groups

Score Bands

Module Score Settings

Visual Options

Confidentiality Types

Default Template List

Export Template List

Record Calculations

ACCESSING THE MODULE CONFIGURATION AUDIT TRAIL

You may access this Audit Trail by clicking on the vertical ellipsis on the module configuration screen, in the back end of the module. Additionally, a user must have the "Tech Admin" flag enabled on their profile in order to see any details on the Audit Trail.


AUDIT TRAIL: SUBFORM CONFIGURATION

The subform configuration Audit Trail will show all events within a single subform configuration, including question changes and form changes.

ACCESSING THE SUBFORM CONFIGURATION AUDIT TRAIL

As with the other Audit Trails, a user must be granted access to view an Audit Trail via their Role. Additionally, in order to view details on the subform configuration Audit Trail, a user must have the Tech Admin flag enabled. Access the subform configuration Audit Trail from the menu icon in the Subform configuration screen, as detailed below:

  1. Settings > Modules

  2. Select module by name

  3. Click TABS

  4. Select tab section

  5. Click on Subform name

  6. In the upper right-hand corner, click on the arrow to expand the menu and select Audit Trail.


AUDIT TRAIL: AUTOMATION RECORDS

Using the Audit Trail tool, a configurer will be able to dive into an automation and investigate the most recent changes for issues. When reviewing Audit Trail records in Automations, the Details column will show a lot of detail about the automation in each row.

ACCESSING THE AUTOMATION RECORDS AUDIT TRAIL

You may access this Audit Trail from the menu icon in an Automation record. Once on the Automation record page, click on the vertical ellipsis to view the dropdown menu.


AUDIT TRAIL: USERS

Track all changes made to a User profile, including the event type, who made the change, and previous and new values.

ACCESSING THE USERS AUDIT TRAIL

Access the Users Audit Trail by clicking on the vertical ellipsis inline with the User name on the User Index, or the vertical ellipsis in the upper-right corner of the user detail page.


AUDIT TRAIL: AUTHENTICATION & SSO

View changes made to the Account Authorisation settings and the SSO setup.

ACCESSING THE AUTHENTICATION & SSO AUDIT TRAIL

Access these audit trails by navigating to Settings > Authentication & SSO. The vertical ellipsis on the right side of each item will give the Audit Trail option.


AUDIT TRAIL: TAGS

ACCESSING THE TAGS AUDIT TRAIL

Administrators can navigate to Settings > Tags. Click on the vertical ellipsis inline with the tag name to view the Audit Trail.


AUDIT TRAIL: REPORTING

View granular details regarding any changes made to custom reports through the Reporting Audit Trail.

ACCESSING THE REPORTING AUDIT TRAIL

On the Reporting Index page, click on the vertical ellipsis inline with the report name, then select Audit Trail. Alternatively, when viewing a custom report, click on the vertical ellipsis next to the Edit button on the upper-right corner, and select Audit Trail.


AUDIT TRAIL: DASHBOARDS

ACCESSING THE DASHBOARDS AUDIT TRAIL

The Dashboard Audit Trail can be accessed either via the vertical ellipsis next to the Dashboard name on the Index, or by viewing the Dashboard configuration and clicking on the vertical ellipsis in the upper-right corner.


AUDIT TRAIL: NOTIFICATIONS

ACCESSING THE NOTIFICATIONS AUDIT TRAIL

Audit trails for the Notifications system can be accessed both through the Notification index and through the Notification information card.


AUDIT TRAIL: ACCOUNT RESTRICTION HANDLING

ACCESSING THE ACCOUNT RESTRICTION AUDIT TRAIL

Navigate to Settings > Restriction Method to view the Account Restriction Handling Audit Trail.


AUDIT TRAIL: USER SETTINGS

ACCESSING THE USER SETTINGS AUDIT TRAIL


AUDIT TRAIL: ACTION SETTINGS

ACCESSING THE ACTION SETTINGS AUDIT TRAIL


AUDIT TRAIL: ACCOUNT SETTINGS

ACCESSING THE ACCOUNT SETTINGS AUDIT TRAIL


AUDIT TRAIL: SCHEDULER

ACCESSING THE SCHEDULER AUDIT TRAIL

Unlike many of the other Audit Trails, accessing the Scheduler Audit Trail can only be done by viewing the record itself, then clicking on the vertical ellipsis in the upper-right corner.


AUDIT TRAIL: MODULE CONFIG TAB SECTION

This Audit Trail tracks changes in the tab section as a whole; not changes within different tab sections. To access the audit trail for an individual tab section, click into the tab section then click the ellipsis and select Audit Trail.

ACCESSING THE MODULE CONFIG TAB SECTION AUDIT TRAIL


AUDIT TRAIL: DEFAULT TEMPLATE

ACCESSING THE DEFAULT TEMPLATE AUDIT TRAIL

Navigate to Settings > Modules > Module name > Default Template tab


AUDIT TRAIL: USER COLLECTIONS

ACCESSING THE USER COLLECTIONS AUDIT TRAIL

View the User Collections Audit Trail by going to Settings > Modules > Module name > User Collections


AUDIT TRAIL: PLACEHOLDER PROFILE

ACCESSING THE PLACEHOLDER PROFILE AUDIT TRAIL

Navigate to Settings > Integrations/Global Placeholder Profiles

Click on the vertical ellipsis next to the Placeholder Profile you would like to view the Audit Trail for.


AUDIT TRAIL: ACTIONS

ACCESSING THE ACTIONS AUDIT TRAIL

From the main Actions index (click on Actions on the navigation pane), click on the vertical ellipsis on the far-right of an action row and select Audit Trail.

Did this answer your question?