Auditing and logging

Auditing entails both pre-production and post-production tasks.

This topic includes the following information: 

Go-live assessment

Pre-production auditing involves an extensive go-live assessment of the Production environment before the customer's production cutover. Any change made to a default system parameter during onboarding must be documented in a Request for Change (RFC) document for both QA and Production environment promotion requests. The BMC SaaS Operations team allows some flexibility with adjusting system parameters but reserves the right to keep them within reasonable values or value ranges. The threshold values allowed for each parameter are assessed and mitigated where necessary.

The go-live assessment is performed by the BMC SaaS Operations team after the system is promoted to the production environment but before the go-live event. The onboarding Project Manager must request the audit by submitting a service request through your support portal at least two weeks before the scheduled go-live date. Seven business days should be blocked to allow for any remediation required as a result of the audit and should be accounted for in the onboarding project timeline. 

Additional checks related to license compliance that are made prior to production cutover include: 

  • environments are configured with the proper license capacity
  • users are configured at or below the purchased license capacity
  • the license configuration form is inaccessible to anyone other than BMC SaaS Operations
  • users are not configured under multiple licensing models

Issues with any of the above may delay production readiness and should be mitigated as early as possible in the onboarding project. 

User activity logs

Log TypeDefinitionControls
Workflow Audit Logs

Workflow Audit Logs are records of significant events that occur within a software application and are used to track and monitor activity (E.g. updating a ticket status, reassignment of tickets, changing field content), including which end-users did what and when. 

Common requests include:

  • User log  - the user log traces user activity on the server. It tracks users who are blocked by lack of free-floating tokens and failed login attempts. Tracking failed login attempts helps to detect any unauthorized access to BMC Remedy AR System. By default, the log file is named aruser.log.
  • API log   - the API log traces all API calls run on the server, regardless of their origin. All BMC Remedy AR System operations are logged, including the activity of BMC Remedy Developer Studio and applications that you have developed. By default, the log file is named arapi.log.
BMC Helix ITSM customers can enable this logging directly within the application and control the retention policy. When enabled, the application will write audit logs to the Helix ITSM database. 
SaaS Service LogsSaaS Service Logs are logs generated by various system components or services that make up a software application for your BMC Helix ITSM environment(s). Service logs provide information about the operation and performance of those services, and can be used to troubleshoot problems, optimize performance, and identify potential security threats.

If you require certain application log data for your environment, review options and submit a case to the BMC Support Team. It is recommended to only activate logging for a short period of time as this can create an enormous amount of data that consumes your allocated BMC Helix ITSM storage.

SaaS Service Logs are made available to customers upon request and are provided via the File transfer process

BMC reserves the right to limit the duration of active logging. You should include your specific use case when requesting log activation so that BMC can help you determine an appropriate recording period.

Was this page helpful? Yes No Submitting... Thank you


  1. Hock joon Quick

    There is a typo. Managed tile transfer process. TILE, should be FILE ?

    Jul 21, 2020 10:29
    1. Martha Mulvaney

      Thanks Hock. Yes, this should be "file". I will update when I publish other edits on this page. 

      Jul 21, 2020 10:53
  2. Sandrine Bastian

    There is an error with User Logs Link update to User log

    Jul 29, 2022 04:41
    1. Dhanya Menon

      Thank you, Sandrine for the comment. I have updated the link.



      Aug 29, 2022 07:39
  3. Andreas Petraschke

    Please provide more details when the generated logs will be deleted again.

    Feb 15, 2023 05:31
    1. Andreas Petraschke

      Please provide more details when the generated logs will be deleted again.

      May 10, 2023 04:28
      1. Dhanya Menon

        Hello Andreas,

        Thank you for your comment.

        For the Workflow Audit Logs in the Controls column, you can clearly see that the retention policy is controlled by the customers. 

        For the SaaS Service logs, I would need to check with our internal teams.  Which applications are you thinking of? For example, ITSM, Digital Workplace, Helix Virtual Agent, etc.? It'll likely be different for each application. 

        We don't have this information documented today but we'll take it up as an improvement. However, we need time to track the retention down for each product.  



        May 12, 2023 08:36
        1. Andreas Petraschke

          Thanks Dhanya I was thinking about all applications.

          May 15, 2023 07:13