Audit Trail

The Nected Audit Trail is a feature that allows you to track all changes made to your Nected account. This includes changes to your rules, datasets, connectors, remote configs, system API keys, and auth configs.

Purpose of the Audit Trail

The Nected Audit Trail is a valuable tool for a variety of purposes, including:

  • Troubleshooting: If you are experiencing problems with your Nected workspace, you can review the Audit Trail to identify the source of the issue. For example, if a rule is not working as expected, you can check the Audit Trail to see when the rule was last modified and who made the changes.

  • Security and compliance: The Audit Trail can help you to monitor user activity and detect suspicious behavior. For example, you can use the Audit Trail to identify users who are accessing or modifying sensitive data without authorization. Additionally, the Audit Trail can help you to comply with industry regulations that require organizations to track all changes to their IT systems.

How to navigate to the Audit Trail?

To navigate to the Audit Trail, click on the "Audit Trail" link in the left-hand sidebar of the Nected dashboard.

Inside the Audit Trail screen:

The Audit Trail screen in Nected provides a comprehensive overview of all changes made within your workspace. It serves as a vital tool for tracking, monitoring, and understanding the history of events and actions within your Nected account. Each change is meticulously recorded, with detailed information presented in an easily accessible format.

Understanding the Audit Trail Columns

The Audit Trail screen comprises several columns, each offering specific insights into the changes and events that have occurred in your workspace:

  1. Date: This column displays the date and time when a change or event took place.

  2. Type: The "Type" column categorizes the nature of the event or change. It indicates whether the change relates to a simple rule, decision table, rule set, dataset, connector, remote config, system API key, or auth config.

    1. Simple Rule: Simple rules are the fundamental building blocks of Nected's rule-based systems. They typically encompass straightforward rules with a set of conditions and corresponding actions. A "Create" event indicates the formation of a new simple rule. When a user modifies an existing rule, an "Update" event is recorded. The "Publish" event suggests that the rule has been successfully deployed to a specific environment. "Test via Console" means running the rule using the Console feature to validate its functionality. A "Delete" event signifies the removal of a simple rule. And finally a “Call via API” event signifies the execution of the rule through an API call.

    2. Decision Table: Decision tables are used to define and manage complex business logic by mapping multiple conditions to corresponding outcomes. The event types for decision tables mirror those of simple rules. You'll find "Create" events for new decision tables, "Update" events for modifications, "Publish" events for deploying the decision table, "Test via Console" for validation testing, “Call via API” for execution of the rule, and "Delete" for removing decision tables.

    3. Rule Set: Rule sets are containers for organizing multiple simple rules and decision tables. A "Create" event occurs when a new rule set is generated. "Update" events involve changes made to the rule set structure. "Publish" events indicate the deployment of the rule set to an environment. "Test via Console" signifies the testing of the entire rule set using the Console. "Delete" events mark the removal of rule sets. And the “Call via API” signifies the execution of the rule.

    4. Dataset: Datasets are used to access, manage, and manipulate data from connected databases or other data sources. A "Create" event represents the introduction of a new dataset. "Update" events encompass modifications to the dataset's structure or configuration. "Publish" events indicate the deployment of the dataset to a specific environment. "Delete" events are recorded when datasets are removed from the workspace.

    5. Connector: Connectors are essential for linking Nected to external systems, such as databases or APIs. A "Create" event is logged when a new connector is established. "Update" events capture modifications to connector configurations. "Publish" events reflect the deployment of connectors to a particular environment. "Delete" events signify the removal of connectors from the workspace.

    6. Remote Config: Remote configurations are used for managing the settings and parameters of remote systems, such as external databases. A "Create" event is registered when a new remote configuration is set up. "Update" events occur when configurations are modified. "Publish" events represent the deployment of remote configurations to a specific environment. "Delete" events document the removal of remote configurations.

    7. System API Key: System API keys are authentication tokens that allow secure communication between Nected and external systems. A "Create" event is recorded when a new system API key is generated. "Update" events pertain to changes in the API key's settings or parameters. "Delete" events indicate the removal of system API keys from the workspace.

    8. Auth Config: Auth configs are used to configure authentication settings for interactions with external systems. A "Create" event is registered when a new auth config is created. "Update" events capture changes to the authentication configuration. "Publish" events show the deployment of auth configs to specific environments. "Delete" events signify the removal of auth configurations.

    9. Actions: An "Actions" event is registered when an API call is made as part of a rule's action. In Nected, rules can include actions that involve interacting with external systems or services via API calls. This event type captures the execution of such actions, whether they involve sending data to a remote API, retrieving information from an external service, or triggering specific functions in third-party systems. Actions in rules enable users to automate processes, integrate with external tools, and expand the capabilities of their workflows.

  3. Event: Here, you can find a description of the specific event, such as "Created," "Updated," "Published," "Tested via Console," “Call via API,” and "Deleted." This column provides clear details on the actions performed.

    1. Create: A "Create" event indicates the inception or generation of a new component or entity within your Nected workspace. When this event is logged, it signifies that a user has created a new rule, dataset, connector, remote configuration, system API key, or auth configuration. The user has initiated the creation of a new item, and this event represents the start of its existence.

    2. Update: An "Update" event is recorded when changes are made to an existing component or entity. This event highlights modifications, adjustments, or enhancements to a rule, dataset, connector, remote configuration, system API key, or auth configuration. The "Update" event informs users that the previously established entity has been altered, potentially affecting its behavior or functionality.

    3. Publish: The "Publish" event signifies the deployment or activation of a component in a specific environment. For instance, when a rule, dataset, connector, or remote configuration is published, it means that it is now operational and ready to execute its defined functions within the chosen environment. This event marks the transition from a developmental or testing phase to an active, production-ready state.

    4. Test via Console: "Test via Console" is an event associated with the validation and assessment of rules. When a user runs a test on a rule via the Nected Console, it falls under this category. This event is especially useful for users who want to ensure that their rules function correctly and yield the expected outcomes. While running a test, the system evaluates the rule's behavior, and any issues or errors are recorded as part of the test results.

    5. Call Via API: The "Call Via API" event represents the execution of a rule and the rule action through API calls. Users can integrate Nected with external systems using the API and then trigger actions in response to specific conditions. This event demonstrates the interaction with external systems or data sources through API endpoints, and it allows users to automate tasks and workflows.

    6. Delete: A "Delete" event is logged when a user decides to remove or eliminate a component or entity from their Nected workspace. This event indicates the intentional removal of a rule, dataset, connector, remote configuration, system API key, or auth configuration. When a component is deleted, it is permanently erased from the workspace and can no longer be used in any operations or workflows.

  4. Status: The "Status" column indicates the outcome of the event—whether it was successful or if any errors occurred during execution. Additionally, for certain events, you can see the runtime of the event.

    Note: When a user closes a window in the middle of an event, especially when running a test via the Console, only the runtime will be displayed in the "Status" column, and the success or error message may not be available.

  5. Mode: This column specifies whether the event took place in the "Staging" or "Production" environment.

  6. User: The "User" column identifies the user who initiated the event. For events like testing rules via the Console, where the system conducts the tests, the "User" column may not display any user information.

  7. Root Node: The "Root Node" is the parent element or node related to the event. For events like creating, updating, or deleting, the "Root Node" may be indicated as "None" because these events are linked directly to the root node itself.

  8. IP Address: The "IP Address" column shows the IP address from which the event was performed. This information is particularly helpful for tracking event origins.

Tabs for Efficient Event Filtering

At the top of the Audit Trail screen, you'll find a set of tabs that facilitate efficient event filtering. These tabs are designed to help you quickly locate specific events based on various criteria:

  1. Search Bar: You can use the search bar to find a particular event by its unique ID or name.

  2. Filtering Drop downs: Three dropdown menus allow you to filter events based on specific attributes:

    • Types: Filter by event type, such as simple rule, decision table, rule set, dataset, connector, remote config, system API key, or auth config.

    • Status: Filter events by success or error status.

    • Mode: Sort events based on the environment in which they occurred—either "Staging" or "Production."

  3. Date Range: The date range allows you to narrow down events based on specific dates. You can set a starting date and ending date to filter events within a particular timeframe.

With these advanced filtering options and the detailed information provided in the columns, the Audit Trail screen in Nected empowers you to effectively track and manage changes within your workspace. It enhances visibility, transparency, and accountability, ensuring that you have a comprehensive understanding of all the events that impact your Nected account.

Audit Logs

The "Audit Log" screen in Nected serves as a comprehensive tracking tool for administrators, enabling them to monitor all changes made to their account. This includes modifications to various elements such as rules, datasets, connectors, remote configurations, system API keys, and authentication configurations. The "Audit Log" screen provides valuable insights into these changes, helping administrators maintain account security and track account usage trends.

Information Displayed in the Audit Log:

The "Audit Log" screen displays detailed information for each event, allowing administrators to gain a clear understanding of what occurred:

  1. Date and Time of Change: The timestamp of when a change was made, down to the minute, is recorded.

  2. Type of Change: The type specifies the category of the change, such as "Rule Set," "Simple Rule," "Dataset," "Connector," "Remote Config," "Decision Table," "System API Key," or "Auth Config."

  3. Event: The event signifies the nature of the change, whether it involved the creation, update, test via console, call via API, Publish or deletion of an element.

  4. Status: The status reflects whether the event was executed successfully or resulted in an error. The runtime of the event is also recorded for further context. In cases where a user closes a window during an event, only the runtime is displayed, as the event's status remains unknown.

  5. Mode: The mode highlights whether the event occurred in the "Staging" or "Production" environment, providing clarity regarding the context of the change.

  6. User: The user field identifies the administrator who initiated the change, except in cases where an event is system-triggered, as seen in tests conducted via the Console.

  7. IP Address: The IP address is basically nected’s IP address.

  8. ID: The ID is a unique identifier for each event and varies based on the event type. For regular events like creation, deletion, updating, or publishing, the ID appears as an alphanumeric string (e.g., "6540966756a40764f25858d2"). However, for "test via Console" events, the ID is preceded by "rule:" if the event pertains to a rule, "connector:" for connectors, "dataset:" for datasets, and "action:" for actions (e.g., "rule:6540966756a40764f25858d2"). This ID is crucial for tracking and referencing events.

Parent and Children Events (Testing via Console):

In specific cases where an event has parent or children events, typically observed during testing via the Console, the "Audit Log" screen provides additional information about these related events. This information includes:

  1. Date and Time of Change: The timestamp for each associated event.

  2. Type of Change: The type specifies the category of each related event.

  3. Name: The name identifies the specific element for each event.

  4. Event: The event signifies the nature of the change for each related event.

  5. Mode: The mode highlights whether each related event occurred in the "Staging" or "Production" environment.

  6. User: The user field identifies the administrator responsible for each associated event.

  7. Root Node: The root node, applicable mainly to events like creation, updating, deletion, or publishing, designates the parent element of the event. In cases where events are inherently rooted, such as creating a rule, the rule itself serves as its own root node.

  8. IP Address: The IP address indicates the location from which each event took place.

To access the "Audit Log" screen, administrators need to navigate to the Audit Log page within the Nected dashboard. Once on the Audit Log page, administrators can efficiently utilize filtering and sorting options to streamline their audit log analysis. These filters include date, event type, name, event status, mode, user, root node, IP address, and a date range.

The "Audit Log" screen is a powerful tool for administrators, providing the necessary oversight and transparency to ensure the security, integrity, and efficient operation of their Nected account.

Last updated