View on GitHub

AAC

Audit

An audit trail is a ledger containing all the events which are relevant for a given realm, regarding:

Every event is collected by AAC and automatically transformed into a suitable transposition, always guaranteeing confidentiality and secrecy of the content.

The design of the system ensures that audit events are unmodifiable after their creation: they are received by a dedicated component and inserted into an append-only database.

Future releases will support the usage of external storage systems, content encryption and partial confidentiality.

Audit console

Administrators can access the dedicated console by navigating to the developer console and selecting Audit from the menu.

The interface lets users consult the registry, inspect events payload and verify their source. By inserting either a start date or and end date administrators can retrieve results from a specific time interval, and investigate suspicious activities at need.

Furthermore, the audit console is available directly from the users management console, where authorized administrators can review the specific user activity.