Skip to main content

We've Moved!

Product Documentation has moved to docs.hitachivantara.com
Hitachi Vantara Knowledge

Generating audit reports

About the audit reports

Within the Audit Report window, you can select from two Hitachi Visualization Suite (HVS) audit reports to download for a specific reporting timeframe:

  • Operational Audit Report

    Provides a chronological record of any action that affects a specific operation, procedure, or event.

  • Security Audit Report

    Provides logon success or failure, and account activity changes.

You can access the Audit Report window by going to SETTINGS then selecting Audit.

NoteIf you do not see Audit under the Settings menu, contact your administrator or see Managing groups and permissions.
GUID-AB5E79C3-F03E-4460-85B3-65C8E618CD8F-low.png

Downloading the Visualization Suite audit report

After you select the report you want to view and the reporting timeframe, you can download the report by clicking Export to csv. When downloads are allowed within Google Chrome, the zipped reports are automatically downloaded. The following is an example of the download confirmation message:

GUID-0A3F0B97-A5B7-4F6E-A73B-8583429D1F89-low.png

By default, the Audit CSV file is in comma-separated values (CSV) Excel file format, however, the data is best viewed in a layout that uses semicolons to separate data.

Use Microsoft Excel to specify content delimiters using semicolons.

The following image provides an example of an Operational Audit Report after it has been formatted in Excel.

GUID-F3B17784-4570-4E26-84EC-3AD0AECE86F2-low.png

Report download limitations

Visualization Suite places two types of limits on the report download size.

Limit 1

When the report download size is exceeded, an error message displays, as shown in the following example.

GUID-C825E8FF-279D-402D-A914-51A35BBED8F7-low.png
Limit 2

Visualization Suite automatically updates the end date that matches the limitation. You can change the end date or click Export to csv to proceed with the download. For more information, see Administering domains.

GUID-F31683A9-1C4A-4268-8312-ED449BF55C3A-low.png

Prerequisites

Check that downloads are allowed in Google Chrome

  1. Open Google Chrome.

  2. From Customize and Control Google Chrome, select Settings.

  3. Click Show advanced settings.

  4. Go to Prifacy Content Settings.

  5. From Automatic Downloads, select Allow all sites to download multiple files automatically.

Change the location where downloaded files are saved

  1. Open Google Chrome.

  2. From Customize and Control Google Chrome, select Settings.

  3. Click Show advanced settings.

  4. From Downloads, adjust your download settings: To change the default download location, click Change and specify the location.

Download and format the audit report

  1. From Settings, select Audit.

  2. Select the report you want to generate.

    • Operational Audit Report

      Provides a chronological record of any action that affects a specific operation, procedure, or event.

    • Security Audit Report

      Provides logon success or failure, and account activity changes.

  3. Use the Start Date and End Date calendars to specify the time range for the report (up to 7 days, maximum), then click Export to csv.

    The report automatically downloads.
  4. Launch Excel and open a new blank workbook.

  5. Click the Data tab and select Get Data From File From Text/CSV.

  6. From the Import Data window, navigate to the the CSV file you downloaded at step 3, then click Import.

  7. Verify that semicolon is selected for Delimited, then click Load.

Reviewing Visualization Suite audit report data

Depending on the report type that was selected for download, the Audit CSV file provides either Operational Audit Report or Security Audit Report information about users and their actions while working in Visualization Suite.

Information about when users log out of Visualization Suite is not included in the Audit CSV file.

Operational audit report

The Operational Audit Report provides information about a user's actions within Visualization Suite, the type and duration of those actions, and the changes resulting from those actions.

ColumnDescriptionValues for entity typeValues for entity
Audit IDThe unique identifier of the Audit Record.
Domain Date/Time

The time that the user action started, based on the Domain time zone offset.

Although all date/time data is stored in UTC time in the Visualization Suite database, each domain can have its own domain time set for the applicable region (such as Pacific Time for California, USA). So, if a domain is configured for Pacific Time, then the date/time for the downloaded report will reflect that time zone.

Domain End Date TimeThe time that the user action ended.
User EmailThe Visualization Suite user account ID.Account of the user associated with performing the update action.Account of the user associated with performing the update action.
ActionThe type of user action. See the Action and Scope table.CREATE, UPDATE, VIEW, DELETE, SAVECREATE, UPDATE, VIEW, DELETE, SAVE
ScopeInformation about the user action. See the Action and Scope table.GROUPENTITY
ResultSuccess or ErrorSuccess or ErrorSuccess or Error
Object IDThe unique identifier of the Visualization Suite object.group_identity_id
ObjectThe type of Visualization Suite object, such as a Building, Camera, Videowall.GROUPPERMISSION
NameThe name of the Visualization Suite object.Group NameEntity Name
Field NameThe name of the field that changed.

permission

All permissions information is stored within Notes and Comments.

permission
Previous ValueThe original content prior to the change.

N/A

All permissions information is stored within Notes and Comments.

N/A
New ValueThe changed content.

N/A

All permissions information is stored within Notes and Comments.

N/A
Toast ErrorAn error message.Error message (if applicable)Error message (if applicable)
Notes/CommentsAny additional information that the audit captured.

An example when audio permission is removed from a group:

removed : 5d52c23dac647966008f2f91_audio - added :

Example:

0:[{"GroupId":"5d822a592a67948dc760dc62","Operations":["5cee8dc336b36650f8efdb4c_read","5cee8dc336b36650f8efdb4c_audio","5cee8dc336b36650f8efdb4c_delete"]}]

Security audit report

The Security Audit Report provides information about the audit record for the reported user action.

  • Audit ID

    The unique identifier of the Audit Record.

  • Domain Date/Time

    The time that the user action started on the identified client system.

  • User Email

    The Visualization Suite user account ID.

  • IP Address

    The IP address of the client system.

  • Browser

    The browser of the client system.

  • Action

    The type of user action. See the Action and Scope table.

  • Result

    Success or Error

  • Toast Error

    An error message.

  • Notes/Comments

    Any additional information that the audit captured.

Action and scope

The Action and Scope portion of the report provide the details about the user actions.

ActionScopeDescription
DOACTIONWhen DO operations are invoked
DOACTIONWhen DO operations are completed
EMAIL_SENTACTIONWhen a notification email is sent to the specified recipients
DO_RESULTACTIONWhen one of the following camera operations are performed:
  • Audio
  • Bookmark
  • Export
  • Playback
  • Play live
  • Preset
  • PTZ
  • Slew camera workflow
  • Stop
  • Stop transcoder
  • Tour
ACKALERTWhen someone acknowledges (Acks) a notification.
ACK_ARCHIVEALERTWhen someone acknowledges (Acks) and Archives a notification.
ARCHIVEALERTWhen someone Archives a notification.
UPLOADATTACHMENTWhen someone uploads an attachment
DOWNLOADATTACHMENTWhen someone downloads an attachment
DELETEATTACHMENTWhen someone deletes an attachment
VIEWATTACHMENTWhen someone views an attachment within the entity management page/blueprint
AUTHENTICATEAUTHWhen a user logs into Visualization Suite
RENEWAUTHWhen a client renews an access token
EXCEPTIONAUTHWhen an unmanaged or managed error occurs during authentication operations
PWD_CHANGEAUTHWhen a user changes their password
PWD_RECOVERAUTHWhen a password recovery action is completed
INVOKE_PWD_RECOVERAUTHWhen someone asks for password recovery
SEND_ACTIVATION_LINKAUTHWhen someone sends an activation link to a specific user
VIEWDOMAINWhen someone views the domain details page
UPDATEDOMAINWhen someone updates the domain details page
CREATEDOMAINWhen someone creates a new domain
DELETEDOMAINWhen someone deletes a domain
VIEWENTITYWhen someone views an entity from the entity management page or from the detail panel, except during cluster map navigation
CREATEENTITYWhen someone creates an entity
UPDATEENTITYWhen someone updates an entity
DELETEENTITYWhen someone deletes an entity
UPDATEENTITYTYPEWhen someone updates an entity type
CREATEENTITYTYPEWhen someone creates an entity type
DELETEENTITYTYPEWhen someone deletes an entity type
VIEWENTITYTYPEWhen someone views the entity type detail page
GENERICEXCEPTIONWhen an unmanaged or managed error occurs using no authentication operations
CREATEGROUPWhen someone creates a group
VIEWGROUPWhen someone views a group from the detail page
UPDATEGROUPWhen someone updates a group
DELETEGROUPWhen someone deletes a group
UPDATEPERMISSIONWhen an update within a group includes permissions
UPDATERETENTIONWhen someone updates a scheduled audit retention job (Admin portal API)
SAVERETENTIONWhen someone saves a scheduled audit retention job (Admin portal API)
DELETERETENTIONWhen someone deletes a scheduled audit retention job (Admin portal API)
RETENTIONSCHEDULERWhen a scheduled audit retention runs
VIEWUSERWhen someone views a user
CREATEUSERWhen someone creates a user
UPDATEUSERWhen someone updates a user
DELETEUSERWhen someone deletes a user
UPLOAD_LOCATIONENTITYWhen someone uploads a camera location CSV file from the camera entity list
DOWNLOADENTITYWhen someone downloads a camera list CSV file from the camera entity list
DOWNLOADAUDIT_REPORTWhen someone downloads an Audit report
MOVINGOBJECTSSCHEDULERWhen the MovingObjects offline status check schedule runs. Notes/Comments will contain the number of entitites that have been updated. For example, affected:2