Meridix audit logs
Format
The audit logs are stored as text files on the server in the folder <Logs>/Audit/<date>.[system].audit.log in the following line format. Not that each line is not a valid JSON object.
[Date and Timestamp]|[JSON OBJECT]
JSON OBJECT
{
"AuditDateTime":"2017-12-04T12:22:25.3788728+01:00",
"PerformedBy":"admin@meridix.se",
"PerformedByIp":"::1",
"PerformedByContext":"IIS Web Application",
"AuditType":"Allowed",
"EntityFullName":null,
"OperationType":"OpenSpecification",
"EntityIdentifier":null,
"EntityStorageId":0,
"Details":"Specification type: CallSpecificationRecord",
"ChangedProperties":"",
"RequestUrl":"/Reports/Specification "
}
| Field | Description |
|---|---|
| AuditDateTime | The time stamp |
| PerformedBy | The username of the current user |
| PerformedByIp | The IP number of the client if any |
| PerformedByContext | Info about the execution context, for example if the operation was performed by the web application, back end service, CLI client etc. |
| AuditType | Allowed/Denied/Insert/Update/Delete |
| EntityFullName | The full name of the entity type associated if any. e.g. Meridix.Studio.Common.MeasurementObject |
| OperationType | The type of operation that generated the audit log E.g. ReportExecution OpenSpecification MeasurementObject (name of the object affected should be combined with the audit type e.g. MeasurementObject Updated etc.) |
| EntityIdentifier | The domain id of the entity (e.g. user/object) related to the audit log. This field ties an operation to a actual user/object/customer etc. |
| EntityStorageId | The database id of the entity (e.g. user/object) related to the audit log. This field ties an operation to a actual user/object/customer etc. |
| Details | Custom unstructured message that contains information about the operation e.g. what measurement objects that was included in a report etc. |
| ChangedProperties | List updated propertied including pre and post values. Format Example |
| RequestUrl | The URL of the request that resulted in the audit log if any. For example if a operation is executed when a user is on the start page the value would be /Start etc. Allows simple tracking of what pages an user used to set the application in a given state. Can be empty/null. |
Example
2017-12-04 12:22:18.3443|{"AuditDateTime":"2017-12-04T12:22:18.3443557+01:00","PerformedBy":"admin@meridix.se","PerformedByIp":"","PerformedByContext":"IIS Web Application","AuditType":"Allowed","EntityFullName":null,"OperationType":"ReportExecution","EntityIdentifier":null,"EntityStorageId":0,"Details":"Created a 'BcsUserId' report for the period '2017-11-27 00:00:00Z'->'2017-12-04 00:00:00Z' on 'johan.wendelstam@480'","ChangedProperties":null,"RequestUrl":""}
2017-12-04 12:22:25.3643|{"AuditDateTime":"2017-12-04T12:22:25.3788728+01:00","PerformedBy":"admin@meridix.se","PerformedByIp":"::1","PerformedByContext":"IIS Web Application","AuditType":"Allowed","EntityFullName":null,"OperationType":"OpenSpecification","EntityIdentifier":null,"EntityStorageId":0,"Details":"Specification type: CallSpecificationRecord","ChangedProperties":null,"RequestUrl":"/Reports/Specification?ref=%2fReports%2fAdvanced%3fmc%3dTelepoBcs%26m%3dBcsCdrV2%26bfm%3dtrue&stn=Meridix.Studio.Common.CallSpecificationRecord"}
2017-12-06 07:56:51.0661|{"AuditDateTime":"2017-12-06T07:56:51.0711703+01:00","PerformedBy":"admin@meridix.se","PerformedByIp":"::1","PerformedByContext":"IIS Web Application","AuditType":"Update","EntityFullName":"Meridix.Studio.Common.MeasurementObject","OperationType":"MeasurementObject","EntityIdentifier":"lars.wendelstam@480#Meridix.se","EntityStorageId":209331,"Details":null,"ChangedProperties":"Description:[Lars=>Lars W]","RequestUrl":"/Admin/Subscribers"}
Webpage: www.meridix.se
Email: support@meridix.se
Tel: +46 (0) 21 38 30 32