Audit Trail
AS2G will keep track of all configuration and administrative operations performed by your organization’s users, to be reviewed later by account administrators with audit-related permissions.
Retention of audits is subject to the data retention policies maintained by Aayu Technologies.
Audited actions
Following is a non-exhaustive list of operations that would record audits in your AS2G account:
- Initial account/organization registration
- User creation/verification/update/deletion
- User log-in/log-out (Note: user log-outs due to automatic session expiration, are not audited)
- User group/role creation/update/deletion
- Updating organization details
- Trading station creation/update/deletion
- Sharing of trading station (identity) configurations with external email addresses (“Share this configuration” action)
- Trading partner creation/update/deletion
- Certificate creation/import/renewal/export/deletion (includes certificate downloads from trading stations’ partner-view pages)
- Manual message composition/submission and deletion from web dashboard (Note: message submissions through integrations are not audited)
- Manual message retry/resend/re-processing/downstream redelivery from web dashboard
- Manual download of single/bulk message attachments, MDNs, transport headers, raw payload, etc.
- Manual mark-as-read action (includes viewing of inbox messages from web dashboard)
- Initiating/updating/deletion of external integrations
- Exporting integration details, e.g. SFTP private key
- Payment events: package subscription/upgrade/downgrade/cancellation, receipt of automatic/recurring payments, validity period updates during payment failures
- Archival/restoration of audit logs themselves
Format of audits
Fields
Each audit contains:
- Subject: type of the action, e.g. “Trading Partner Update”
- Timestamp: time of performing the action
- Level or Severity: importance/impact of the action or its outcome; INFO and SUCCESS for proper completion, WARN for non-critical action failures (e.g. validation rejections) and ERROR for critical failures (e.g. errors encountered during a configuration update)
- Message: actual audit message/detail
Change tracking
Audits related to entity/configuration updates usually produce two audit lines:
- a DEBUG line containing the updated configuration submitted with the user action; e.g. all fields submitted from the web dashboard, in case of a trading partner update
- a SUCCESS/INFO line containing the overall summary of updates that actually got applied (a diff/change-log); e.g. if only the URL of the partner was updated, the line will contain “uri {old URL} ~ {new URL}”
Updating partner Acme (ACME_AS2): Acme [Production] (ACME_AS2)
https://as2.acme.com:4080/receiver (timeout 60s)
Encrypt AES256_CBC, cert smime--ACME_AS2-as2.cer
Sign SHA256
Request signed MDN
Updated partner Acme (ACME_AS2); changes:
uri http://as2.acme.com:8080/receiver ~ https://as2.acme.com:4080/receiver
If an update fails, instead of the SUCCESS/INFO line, an ERROR (or, on rare cases, WARN line will get logged, containing a summary of the encountered issue or error.
Failed to create partner Acme (ACME_AS2); Invalid certificate data
Both the submission and completion/error audit will use the same subject, so you can filter by the subject to see a trail of all associated actions; e.g. the history of all updates made to a trading station.
Viewing audits
You can view and filter/search audit events from the Audit Trail page.
Filtering
Use the Filter button on the header bar, to open the filter configuration dialog and view only a subset of available audits.
Available filter options include:
- Username: ID/email of the user who performed the action; in case of external events like payment receipts, system will use the email/username or other identifier(s) available on the event, based on the context
- Severity: auditing “level”, as described previously
For brevity, the list is filtered to show only INFO, SUCCESS and ERROR audits by default; if you want a more detailed/verbose (e.g. to revise the full settings that were submitted during an update), please adjust the filters to show DEBUG audits as well.
Searching
You can also search the list using a text string to match the subject or message (partial fragments accepted). For example, search for “Trading station update” to see the trail of all changes made to your station(s).
Archiving
You can archive the audits that you have already reviewed and/or no longer wish to see in the default list, using the Archive action button - from each row, from on the table header (as bulk, after selecting desired rows to archive).
You can review such archived audits separately using the View Archived Audit Logs button on the page header, and restore (un-archive) any desired logs - individually or in bulk, using the Unarchive action.