Skip to main content

Security: Ometria audit logs

Louise MacBean
  • Updated

Audit logs help companies monitor user activity and keep track of potential security breaches or internal misuses of information. 

Ometria’s audit log records the following activity per Ometria account user:

  • Authentication activity
  • Report generation and data export
  • All activity in the the users and permissions area

The audit log helps you track who did what, where they did it, and when. 

Note: If your business has multiple Ometria accounts (e.g. for different stores), you will need to check the individual log for each account.

Go to: Your account > Security

Note: Only users with administrator permissions can access this page.

You have access to the last 30 days of activity by default.

Screenshot_2021-03-11_at_14.54.28.png

Narrow down your date range using the following filters: 

  • Today 
  • Yesterday 
  • Last 7 days 
  • Last 28 days 
  • Custom range
Screenshot_2021-03-11_at_14.58.35.png
Note: The Last 7 days and Last 28 days ranges include ‘today’.

Search and filter

You can search for specific activitytargets and IP addresses, and you can filter the log by a number of conditions:

Screenshot_2021-03-11_at_14.59.45.png

Field

Description

Search

Enter a target user or activity type to search and use the dropdown options:

  • Contains - to search for the phrase you entered
  • Does not contain - to exclude the phrase you entered
Note: The search field is case sensitive, we recommend searching keywords, e.g. Cohort, Products, Kpis etc.

Areas

Select the areas you want to view.

Activities

Select the activities you want to view.

Target

Select from:

  • User - for activity targeting a user account (e.g. a change in their permissions)
  • Report - for activity in a report (e.g. generation and export)

Users

Select the users whose activity you want to view.

Countries

Select the countries which the IP addresses belong to.

Columns

Select the columns you want to display. 

Area

This column indicates where in the platform a logged event happened. The areas are AuthenticationUsers and permissions and Reporting.

Authentication

Authentication events are to do with logging in and out of Ometria, as well as password changes. 

Events

Description

Logging-in

When a user enters their username and password and successfully accesses the Ometria platform.

Resetting password 

When a user clicks on the Forgotten password? link on the login page.

Failing password 

When a user enters the wrong password on the login page.

Changing user password 

When a user changes their password to a new one.

Requesting password reset link 

When a user clicks on the Reset Password button on the Reset your password page.

Users and permissions

Users and permissions events are to do with any changes to a user’s access rights in the platform. These changes can only be made by an administrator from Settings.  

Events

Description

Creating users

When an admin user creates a new user in the Users and permissions area.

Deleting users 

When an admin user deletes an existing user in the Users and permissions area.

Adding permissions

When an admin user adds new permissions to another user.

Removing permissions 

When an admin user removes permissions from another user. 

Requesting password reset link 

When an admin user requests a password reset link on behalf of another user.

Reporting

Reporting events are to do with report generation and export in the platform.

Events

Description

Data export requested

When a user with permissions to export data generates a report by clicking any of the Export buttons in the platform.

Data export downloaded

When a user with permissions to export data downloads a report they generated.

Activity

The Activity column provides details about the specific action the user performed, e.g. Added permissions, admin, export.

Target

The target is the user or component (e.g. report) which has been acted upon by the User

Type

Description

User 

The user affected by the activity e.g removing or adding permissions.

Reports

The report which has been either generated or downloaded.

User

The user is the person who performed the activity.

E.g. If sarah@fashion.com changed bill@fashion.com’s user permissions to include ‘can export data’, Sarah is the user and Bill is the target

Note: Ometria users (i.e. Ometria employees) will not display in your audit log. Click here for Ometria’s privacy policy.

IP address

The IP address from which the activity originated. An IP address is a unique number linked to all online activity for this contact.

Country

The country location of the IP address - either as registered by the ISP or the organisation responsible for the IP address (e.g. your company). 

Note: Be aware that there is no way to report the location of a person based on their IP address with 100% accuracy - the value in this field is our best effort to identify the country.

Timestamp

The time and date the activity took place, displayed in UTC

Common questions

How realtime is the data in the audit logs? 

Activity displays in the audit logs within five minutes of being performed. 

How far back in time can I look?

You can see activity for the past 30 days. 

You can also only look back at data from the moment the audit log feature was enabled for your account. 

For example, if you had the audit logs enabled on 1st July 2020, you cannot see data from June 2020. 

Who has access to the logs? 

All users with the administrator role. 

You can revoke access to the audit logs by changing a user’s role from Administrator to User in Settings and permissions

See: How to change an Administrator role to a User role

Can an admin user delete or edit the logs? 

Ometria’s audit logs are read-only; nobody can delete or make any changes to the information. 

Can I export the data in the logs via CSV or API?

The data in the Audit Logs screen is not currently exportable or accessible via the API

If you would like to see this feature in the future, contact your customer success manager with your feedback.

Related articles

Comments

0 comments

Please sign in to leave a comment.