Monitor audit trail data

System Administrators and Application Administrators can export audit trail data to investigate specific events.

1. Select Administration in the main menu.
2. Select Audit Trail.
3. Select the Export icon to generate and export an audit trail file.
4. Fill in the following fields in the Export Audit Trail section:
   1. Audit Start Date field – drop-down – Select a specific start date range from the calendar to view specific audit trail date or type the date.
   2. Audit End Date field – drop-down – Select a specific end date range from the calendar to view specific audit trail date or type the date.
5. Select Export.

   A notification displays when the file is ready, and the file downloads automatically.

Tips

• Select View Audit Trail to Filter and download audit trail reports on a separate screen.

1. Select Administration in the main menu.
2. Select Audit Trail.
3. Select View Audit Trail.

4. Fill in a date range to filter the audit trails results.

5. Select Apply.

   The results display in the table.

   See the information that displays in the table

   • Date Generated – The date that a user generated the audit trail export.
   • Start Date – The audit trail export includes data starting from this date.
   • End Date – The audit trail export includes data until this date.
   • File Name – The file name of the audit trail exported file.
6. Select the Download icon in the appropriate row to download the document.
   See the columns that display in the Audit Trail CSV file

   • eventDate – The date and time the event occurred in GMT.
   • performedBy – The email address of the integration user, integration principal, or company user performing the action. The integration user or integration principal allows a company to assign roles and configure an app without assigning a specific user to apply the changes. The integration user or integration principal does not exist in the TraceLink SSO, and this user cannot log into the UI.
   • performedByCompany – The company of the user performing the action or an identifier of the Company for events initiated via API or B2B exchanges using an integration user or integration principal.
   • supportAccessAccount – The email address of the TraceLink Support Representative performing an action on behalf of the performedBy user.
   • functionalArea – The app that the event occurred within.
   • businessObjectType – The part of the app that the event occurred within.
   • businessObject – The specific object within the businessObjectType that the user updated (e.g. if a user is a businessObjectType, then the user's email is the businessObjectjsmith@company.com, Location 2350014).
   • action – The action the user performed (e.g. Create, Modify, Delete).
   • modifiedData – The data field that the user updated, which includes one of the following explanations:
     • Identifies the field name, the old value, and the new value in the following format: [FieldName]: [oldValue or --], [newValue or --]
     • Text that describes the change (e.g. Login, Logout, Password Changed, Invitation Sent)
     • For B2B message exchange, the file name provided.
   • reasonforChange – The reason for an update if the app requires a reason for change for that update. For example, if a user adds or removes administrator access.

Tips

• See specific help centers for each app for more information about the events that are included for that app.