OpenRMF^® Professional Audit Logging

Audit logs are saved throughout the application for all actions and components by default. You can set the filter of saving Audit Logs in the Settings Area. For all logs generated, you can view the date and status, component used, type, action, and the user performing the action. You also can see the URL called if the audit was created from a user’s action in the web user interface.

Types of Audit Entries

There are several types of audit entries that are made. The main types of audits are Failure, Success, and Info. Outside of that the application audits on types of actions that relate to the areas of OpenRMF^® Professional. Examples include Audit, Checklist, System, Template, POAM, and Reports. (Yes, we audit when you list Audits!) Within each area, we audit whether a user issues a create, write, delete, edit, download, or security type of action. And then we list all components to filter down to the service level of OpenRMF^®.

You also can add textual searches for “Contains” type of filter for the System Key, a Username, a User Id, or an IP Address. Contains means “it must contain this text” and that could be at the beginning, end, or in the middle somewhere for the field it is matching.

Audit Log Filtering

You can filter the listing of audits. By default, the last 31 days of audits are listed. This can be modified by using the Filter just above the table listing and clicking the “Set Filter” button. You can clear it back to the default by clicking the Filter button and choosing the Reset button. The applied filter appears next to the Filter button when you have one set.

Exporting Logs

You also can export the current Audit listing to Microsoft Excel (*.XLSX) for review or importing into your favorite tool for analysis.

---