What is logged?
Events that are logged
• Licensing changes
◦ Linking or unlinking a solution license to a user group.
• Authentication changes
◦ Adding/deleting a user
◦ Adding/deleting a user group
◦ Adding/deleting users from a user group
◦ Resetting or changing a user’s password
◦ Adding/deleting a product from a user group
◦ Updating a user group
• (Failed) user actions
◦ Failure to log on by a user
◦ When a user tries to log on and his/her account is locked
◦ First time user login
◦ Failed user login (inactive start / end date)
◦ When an account is locked (multiple wrong logins, end date, password expired)
• Password settings
◦ Changing the password strength
◦ Changing password settings
• Logging in/out Planon administrators
◦ Logging of login/log off of users linked to the Planon administrator group
| • If you want to log the login and logout timings of the users (in the selected user group), go to the User groups TSI > User groups and enable the Additional security logging field by selecting Yes. This data will be stored in the security logging file. To enable this feature, you must first make the security logging settings. For more information, refer to Authorization > Security logging. • The Additional security logging setting is not enabled by default because it comes with a performance penalty. If you start logging for each user, this will create a considerable overhead. Only enable this setting if you need the information to retrieve more detailed information for analyzing issues. |
• Authorization changes
◦ Switching on/off authorization
◦ Switching on/off business object authorization
◦ Changes to user group permissions:
- Adding/deleting/updating action filters
- Updating authorization filters (when linked to user group)
- Adding/deleting/updating authorization links
◦ Updating function profiles (when linked to a user group)
- Adding/deleting field rights
- Updating field rights
- Adding/deleting actions
- Adding/deleting status transitions
- Adding/deleting extended actions
- Changing the permission type of BORight
- Changing the function profile default permission type
Environment Management gadget
In the Cloud, the following events are logged:
• Disk
◦ Changing disk space allocation
• Customize
◦ Changing the welcome image
◦ Changing the welcome image to default
◦ Changing the favicon image
◦ Changing the favicon image to default
◦ Changing the error page URL
• Backups
◦ Creating manual backup
◦ Restoring backup (including backup ID, destination and with or without resetting user password)
◦ Deleting a backup
◦ Converting a backup from incremental to full
◦ Changing a backup name
◦ Changing a backup expiry date
◦ Changing a backup comment
◦ Changing retention period
◦ Changing Save disk space (toggle for: incremental full backups)
• Danger zone
◦ Restarting
◦ Scheduling a restart
◦ Canceling a scheduled restart
◦ Upgrading
◦ Scheduling an upgrade
◦ Canceling a scheduled upgrade
◦ Reloading TMS
◦ Changing the WebDAV password
◦ Reseting NYX credentials
◦ Importing a clone
◦ Creating a clone voucher
◦ Importing Accelerator
• IP whitelisting
◦ Enabling IP whitelist
◦ Disabling IP whitelist
◦ Changing IP whitelist settings
• SSO
◦ Enabling the SSO realm
◦ Enabling SSO
◦ Disabling SSO
◦ Resetting the SSO Admin password
• Domain settings
◦ Changing the domain alias setting
◦ Changing mutual SSL settings
◦ Changing portal URL settings