The auditing feature of BRPM enables you to audit various types of resources such as teams, applications, and users. You can analyze audit results further to improve efficiency and remove inaccuracies in the system.
You can audit the following types of resources:
- Individual resources, such as application and team. For example, when you audit an application type of resource, the system displays the actions, the user who performed those actions, application ID, and the changes that were made by that user in that application. For an individual resource, the following actions are available for auditing:
- Create: When a resource is created.
- Update: When a resource is updated.
- Destroy: When a resource is deleted.
- Enable: When a resource is activated or unarchived.
- Disable: When a resource is made inactive or archived.
- Associated resources, such as application-environment and plan-team. For example, when you audit an application-environment type of resource, the system displays the actions, application-environment IDs, the environments on which actions were performed associated with that application, and changes that were made in the application-environment association. For associated resources, the following actions are available for auditing:
- Create: When an association is created between two resource types.
- Update: When an association is updated, for example, reordering of one of the resource types.
- Destroy: When an association is removed between two resource types.
Before you begin
To audit resources, your role must be granted the View Audits system permission, as described in Managing access permissions.
Navigate to System > Settings > Audits.
The right pane shows Audit Tips for various types of resources available in the system. Click the show link and then select a resource type for which you want to view the tips. These tips act as a guidance for search mechanisms to be used while performing auditing. Starting from version 5.0.03.005, the Audit notes also show how to interpret the audited changes.
- In Audited At, select the date range during which actions related to a resource were performed.
By default, the date range is from 31 days in the past to the current date. You can move or lessen the timeline in this range as per your requirements.
- Select the values from at least one of the following lists. You can choose from the both the lists as well.
- From Resource Type, select the type of resource that you want to audit.
Depending upon the resource type you select, filters appear. When you select an associated type of resource, you get 2 filters to choose from. For example, if you have chosen application-environment, you can use the application and environment filters to limit the data.
- In Action Performed By, specify the user name or user ID if you want to audit the resource on which actions were performed by a particular user.
If you do not specify a user name or user ID, audit results are displayed for all the users who performed actions.
In Resource Name, depending on the resource type you have selected in step 3, specify the name or ID of resource you want to audit.
This search is case-insensitive. When you type initial 2 characters, list is auto-populated with resource name suggestions. Only recently created top 200 resource names appear on in the list.
- From Action, select the action for which you want to audit a resource.
Values in this list depend on the resource type you have selected in step 3. If you do not select any action, audit results are displayed for all the action types applicable for that resource type.
- Click Search.
Audit results are displayed in the bottom pane. The following figures show sample audit results for an application, Smart App.
5.0.03.005 AND LATER VERSIONS For better readability, the attributes affected by an operation are well formatted and each attribute is displayed on a separate line.
For the Update, Enable, and Disable operations, audited changes are displayed in the following format:
"column_name" : ["old_value", "new_value"]
. For the Create and Destroy operations, changes are displayed in the following format:
"column_name" : "value". Also, for the Update, Enable, and Disable operations, the search_term attribute no longer appears.
5.0.03.004 AND EARLIER VERSIONS The attributes affected by an operation are displayed on the same line.
NEW IN 5.0.05 The (encrypted) password created or updated by the user is also audited. The audited password is masked and displayed in the Audited Changes.
Exporting audit results
You can export your audit results to CSV and PDF formats. To export audit results, click Export to CSV or Export to PDF.
PDF export might take longer depending on the number of rows in audit results.