Audit Log
Overview
This is a listing of changes made in Highlight. The list can be filtered in a number of ways to get the information you require. The page shows details of all events in or beneath the folder selected in the Network Explorer tree.
Controls
Show in subfolders checkbox
By default, results from folders and locations below the current one are included; uncheck this to include results from only the selected folder
Download
Download the information to a CSV file
Search events
Enter a string of characters as a search term. For example, AB123 will find uukAB123 and xab123txy. Searches are not case-sensitive. The search term will be compared against the User, Item Name and Details columns.
Start/End
By default, events from today are shown. Change the start and end dates to filter to a specific time period. The audit log holds data for the last 24 months only.
Search button
Search after entering your Search term. A bright blue bar appears under the search criteria showing the total items found.
Filter by type button
Filter the events shown, more details below. These options revert to default when you next log in.
Clear search button
Deletes any search term you've entered, resets all the checkboxes (to checked), resets dates to their default values and redisplays the full audit log.
Information button
"View details" - Use to expand each line to show more detail - see image below
Your search criteria and filters are saved during the current session but will reset when you next log in.
Filter by type
This panel is different to other filters in Highlight because by default, all boxes are checked meaning all possible event types are returned. Uncheck a box to filter out a specific action.
Dates: By default, events from today are shown. Change the start and end dates to filter to a specific time period. The audit log holds data for the previous two years only.
Admin user permissions required to view events for Authentication, Users, Agents
Manage users is needed to view authentication and user events
Manage folders/locations is needed to view agent and agent group events
Depending on your user permissions, events can be filtered in up to nine sections. Use the far left checkbox to select or deselect all actions for the section.
Authentication
Folders
Locations
Users
Watches/controllers
Containers
Actions
Alerting sensitivity
Agents
Reset: Use to reset all options to their defaults (all checked). This button will be unavailable if all check boxes are already in their default state (checked).
Apply: Use to make your selections take effect. This button may be temporarily unavailable whilst your criteria are applied. Clicking Apply closes the dialog.
Events table
Fifteen events are shown at a time. You can page through to other events.
Admin user permissions required to view events for Authentication, Users, Agents
Manage users is needed to view authentication and user events
Manage folders/locations is needed to view agent and agent group events
Sort the list by clicking on a column header which then shows a vertical arrow to indicate ascending or descending sort order. No arrows is visible for the Details column because it is not possible to sort the list by Details. The default sort order is by most recent date.
Type
an icon shows the event type from the following options: Authentication, Folders, Locations, Users, Watches/controllers, Containers, (Alerting) Actions, Alerting sensitivity, Agents
Date / Time
when the event occurred (UTC), format dd MMM yyyy - HH:mm
User
which user completed the action
Action
what specific event occurred, for example: Update user, Update location, etc.
Item Name
what was changed, for example: which location, folder, watch, user or alert action ID number
Details
if available, specific information about the change
Information
if available, use to expand each line to show more details
Note: Some changes will generate more than one event so changing the contact name on a folder will generate one Update Folder event and another Update contact event.
Details column
Possible detail column entries are described below:
User Authentication
Permission: Manage users
Login: (No details provided)
Folders
Permission: Anyone can see (except View Heat Tiles Only users)
Create: Folder created under 'parent'
Update: (No details provided)
Delete: Folder deleted from 'parent', Folder restored, Folder purged
Move: Moved from 'Source.Name' to 'Destination.Name'
Update contact: Changed from old contact name | no contact set> to new contact name
Locations
Permission: Anyone can see (except View Heat Tiles Only users)
Create: All fields shown with selected values
Update: Only fields which changed are listed
Delete: All fields shown with selected values, Location restored, Location purged
Move: Moved from 'Source.Name' to 'Destination.Name'
Users
Permission: Manage users
Create: User created under 'parent'
Update: (No details provided)DeleteUser deleted from 'parent', User restored, User purged
Move: Moved from 'Source.Name' to 'Destination.Name'
Update expiry: Expiry changed from 'dd MMM yyyy' to 'dd MMM yyyy'
Update permissions: A list of the permissions that have changed with their new value either 'enabled' or 'disabled' and Suspended flag value
Watches/Controllers
Permission: Anyone can see (except View Heat Tiles Only users)
Create: All fields shown with selected values
Update: Only fields which changed are listed
Delete: For SNMP-based watches, all fields shown with selected values, Watch/Controller restored, Watch/Controller purged For non-SNMP, only controller or device deletion is shown, not subwatches
Move: Moved from 'Source.Name' to 'Destination.Name
Collect Data: Collect Data has changed to 'enabled | disabled'
Show Data: Show Data has changed to 'enabled | disabled'
Update bandwidth: Changed from (old bandwidth1) and (old bandwidth2) (auto) to (new bandwidth1) and (new bandwidth2) (auto)
Containers
Permission: Anyone can see (except View Heat Tiles Only users)
Comments added to the dialog will be shown at the top of the entry. All updates are divided into tabs: Watches, Tile and Maintenance.
Create container: All fields shown with selected values
Update container: Only fields which changed are listed
Delete container: All fields shown with selected values
(Alerting) Actions
Permission: Anyone can see (except View Heat Tiles Only users)
Item name shows unique ID number for the alert action
Create action: All fields shown with selected values
Update action: Only fields which changed are listed, for example 'Suppression(s)' changed from 'Head Office (1)' to 'Head Office, Remote Sites (2)'
Delete action: All fields shown with selected values
Alerting sensitivity
Permission: Anyone can see (except View Heat Tiles Only users)
Override: (example) Override alerting sensitivity: Stability: Level 4 Load: Level 3 Health: Level 2
Update: (example) Update alerting sensitivity: Stability: Level 4 -> No change Load: Level 2 -> No change Health: Level 5 -> Level 4.
Revert: (No details provided)
Agents
Permission: Manage folders/locations
Create agent: All fields shown with selected values
Update agent: Only fields which changed are listed
Delete agent: All fields shown with selected values
Create agent group: All fields shown with selected values
Update agent group: Only fields which changed are listed
Delete agent group: All fields shown with selected values
Retention
Details in the Audit Log are deleted after two years.
Last updated
Was this helpful?