Generating audit reports
About the audit reports
Within the Audit Report window, you can select from two Hitachi Visualization Suite (HVS) audit reports to download for a specific reporting timeframe:
Operational Audit Report
Provides a chronological record of any action that affects a specific operation, procedure, or event.
Security Audit Report
Provides logon success or failure, and account activity changes.
You can access the Audit Report window by going to SETTINGS then selecting Audit.
Downloading the Visualization Suite audit report
After you select the report you want to view and the reporting timeframe, you can download the report by clicking Export to csv. When downloads are allowed within Google Chrome, the zipped reports are automatically downloaded. The following is an example of the download confirmation message:
By default, the Audit CSV file is in comma-separated values (CSV) Excel file format, however, the data is best viewed in a layout that uses semicolons to separate data.
Use Microsoft Excel to specify content delimiters using semicolons.
The following image provides an example of an Operational Audit Report after it has been formatted in Excel.
Report download limitations
Visualization Suite places two types of limits on the report download size.
When the report download size is exceeded, an error message displays, as shown in the following example.
Visualization Suite automatically updates the end date that matches the limitation. You can change the end date or click Export to csv to proceed with the download. For more information, see Administering domains.
Prerequisites
Check that downloads are allowed in Google Chrome
Open Google Chrome.
From Customize and Control Google Chrome, select Settings.
Click Show advanced settings.
Go to
.From Automatic Downloads, select Allow all sites to download multiple files automatically.
Change the location where downloaded files are saved
Open Google Chrome.
From Customize and Control Google Chrome, select Settings.
Click Show advanced settings.
From Downloads, adjust your download settings: To change the default download location, click Change and specify the location.
Download and format the audit report
From Settings, select Audit.
Select the report you want to generate.
Operational Audit Report
Provides a chronological record of any action that affects a specific operation, procedure, or event.
Security Audit Report
Provides logon success or failure, and account activity changes.
Use the Start Date and End Date calendars to specify the time range for the report (up to 7 days, maximum), then click Export to csv.
The report automatically downloads.Launch Excel and open a new blank workbook.
Click the Data tab and select .
From the Import Data window, navigate to the the CSV file you downloaded at step 3, then click Import.
Verify that semicolon is selected for Delimited, then click Load.
Reviewing Visualization Suite audit report data
Depending on the report type that was selected for download, the Audit CSV file provides either Operational Audit Report or Security Audit Report information about users and their actions while working in Visualization Suite.
Information about when users log out of Visualization Suite is not included in the Audit CSV file.
Operational audit report
The Operational Audit Report provides information about a user's actions within Visualization Suite, the type and duration of those actions, and the changes resulting from those actions.
Column | Description | Values for entity type | Values for entity |
Audit ID | The unique identifier of the Audit Record. | ||
Domain Date/Time |
The time that the user action started, based on the Domain time zone offset. Although all date/time data is stored in UTC time in the Visualization Suite database, each domain can have its own domain time set for the applicable region (such as Pacific Time for California, USA). So, if a domain is configured for Pacific Time, then the date/time for the downloaded report will reflect that time zone. | ||
Domain End Date Time | The time that the user action ended. | ||
User Email | The Visualization Suite user account ID. | Account of the user associated with performing the update action. | Account of the user associated with performing the update action. |
Action | The type of user action. See the Action and Scope table. | CREATE, UPDATE, VIEW, DELETE, SAVE | CREATE, UPDATE, VIEW, DELETE, SAVE |
Scope | Information about the user action. See the Action and Scope table. | GROUP | ENTITY |
Result | Success or Error | Success or Error | Success or Error |
Object ID | The unique identifier of the Visualization Suite object. | group_id | entity_id |
Object | The type of Visualization Suite object, such as a Building, Camera, Videowall. | GROUP | PERMISSION |
Name | The name of the Visualization Suite object. | Group Name | Entity Name |
Field Name | The name of the field that changed. |
permission All permissions information is stored within Notes and Comments. | permission |
Previous Value | The original content prior to the change. |
N/A All permissions information is stored within Notes and Comments. | N/A |
New Value | The changed content. |
N/A All permissions information is stored within Notes and Comments. | N/A |
Toast Error | An error message. | Error message (if applicable) | Error message (if applicable) |
Notes/Comments | Any additional information that the audit captured. |
An example when audio permission is removed from a group: removed : 5d52c23dac647966008f2f91_audio - added : |
Example: 0:[{"GroupId":"5d822a592a67948dc760dc62","Operations":["5cee8dc336b36650f8efdb4c_read","5cee8dc336b36650f8efdb4c_audio","5cee8dc336b36650f8efdb4c_delete"]}] |
Security audit report
The Security Audit Report provides information about the audit record for the reported user action.
Audit ID
The unique identifier of the Audit Record.
Domain Date/Time
The time that the user action started on the identified client system.
User Email
The Visualization Suite user account ID.
IP Address
The IP address of the client system.
Browser
The browser of the client system.
Action
The type of user action. See the Action and Scope table.
Result
Success or Error
Toast Error
An error message.
Notes/Comments
Any additional information that the audit captured.
Action and scope
The Action and Scope portion of the report provide the details about the user actions.
Action | Scope | Description |
DO | ACTION | When DO operations are invoked |
DO | ACTION | When DO operations are completed |
EMAIL_SENT | ACTION | When a notification email is sent to the specified recipients |
DO_RESULT | ACTION | When one of the following camera operations are performed:
|
ACK | ALERT | When someone acknowledges (Acks) a notification. |
ACK_ARCHIVE | ALERT | When someone acknowledges (Acks) and Archives a notification. |
ARCHIVE | ALERT | When someone Archives a notification. |
UPLOAD | ATTACHMENT | When someone uploads an attachment |
DOWNLOAD | ATTACHMENT | When someone downloads an attachment |
DELETE | ATTACHMENT | When someone deletes an attachment |
VIEW | ATTACHMENT | When someone views an attachment within the entity management page/blueprint |
AUTHENTICATE | AUTH | When a user logs into Visualization Suite |
RENEW | AUTH | When a client renews an access token |
EXCEPTION | AUTH | When an unmanaged or managed error occurs during authentication operations |
PWD_CHANGE | AUTH | When a user changes their password |
PWD_RECOVER | AUTH | When a password recovery action is completed |
INVOKE_PWD_RECOVER | AUTH | When someone asks for password recovery |
SEND_ACTIVATION_LINK | AUTH | When someone sends an activation link to a specific user |
VIEW | DOMAIN | When someone views the domain details page |
UPDATE | DOMAIN | When someone updates the domain details page |
CREATE | DOMAIN | When someone creates a new domain |
DELETE | DOMAIN | When someone deletes a domain |
VIEW | ENTITY | When someone views an entity from the entity management page or from the detail panel, except during cluster map navigation |
CREATE | ENTITY | When someone creates an entity |
UPDATE | ENTITY | When someone updates an entity |
DELETE | ENTITY | When someone deletes an entity |
UPDATE | ENTITYTYPE | When someone updates an entity type |
CREATE | ENTITYTYPE | When someone creates an entity type |
DELETE | ENTITYTYPE | When someone deletes an entity type |
VIEW | ENTITYTYPE | When someone views the entity type detail page |
GENERIC | EXCEPTION | When an unmanaged or managed error occurs using no authentication operations |
CREATE | GROUP | When someone creates a group |
VIEW | GROUP | When someone views a group from the detail page |
UPDATE | GROUP | When someone updates a group |
DELETE | GROUP | When someone deletes a group |
UPDATE | PERMISSION | When an update within a group includes permissions |
UPDATE | RETENTION | When someone updates a scheduled audit retention job (Admin portal API) |
SAVE | RETENTION | When someone saves a scheduled audit retention job (Admin portal API) |
DELETE | RETENTION | When someone deletes a scheduled audit retention job (Admin portal API) |
RETENTION | SCHEDULER | When a scheduled audit retention runs |
VIEW | USER | When someone views a user |
CREATE | USER | When someone creates a user |
UPDATE | USER | When someone updates a user |
DELETE | USER | When someone deletes a user |
UPLOAD_LOCATION | ENTITY | When someone uploads a camera location CSV file from the camera entity list |
DOWNLOAD | ENTITY | When someone downloads a camera list CSV file from the camera entity list |
DOWNLOAD | AUDIT_REPORT | When someone downloads an Audit report |
MOVINGOBJECTS | SCHEDULER | When the MovingObjects offline status check schedule runs. Notes/Comments will contain the number of entitites that have been updated. For example, affected:2 |