The Audit Trail

A lot can happen on a Wrapsite, and some of it may be unwanted. The Audit Trail allows you to review what people have done on the Wrapsite, by maintaining a log of when people login, read data, and change things.

Most days, your Wrapsite happily chugs along and there’s nothing to do with it. But there are two main situations when you may want to know more about what people actually did on the Wrapsite:

  1. Data was corrupted and you want to find out who caused the problem so that you can help them avoid doing the same error again.
  2. You worry that someone is illegitimately copying data from the Wrapsite.

To help you keep track of what has happened on your Wrapsite, ExcelWraps leaves an Audit Trail where you can review past events. You find the Audit Trail and its settings on the Wrapsite’s Administration dashboard. You can also export the Audit Trail to a file as described below.

As you can see in the screenshot, there are also separate settings that allow you to tailor the audit trail. These settings are documented at the end of this help page.

Screenshot of the Audit Trail shortcut in the Administration dashboard's sidebar

Use MyWraps when auditing signatures

Some common auditing functions are best performed using MyWraps reports. If you want to see a list of all wraps a user has signed off, follow these steps:

  1. Create a MyWraps report for the wrap template.
  2. Add a column for the main signature cell in the wrap template.
  3. For the signature column, set the data type to sig-username so that it returns the name of the user that signed off each wrap.
  4. Filter the signature column on the user name you want to track.
  5. The report now contains all the wraps signed off by this user.

Don’t hesitate to contact client services if you need help to create a report.

Filter events

You access the audit trail on your Wrapsite’s Administration > Audit Trail page.

Page header

Screenshot of the header for the Audit Trail page on a Wrapsite

The Apply button filters the events in the Audit Trail according to the various filter settings and updates the list of events.

From-to filter

You can show events within a specific timeframe. For the date, use the calendar to select the start and end dates or type the date directly. Several common date formats are supported, like dd/mm/yyyy or yyyy-mm-dd.

Type the time in hh:mm format. You can insert the current time by pressing the center button on the D-pad (joystick) icon to the right of the field. Select the hours or minutes with the right/left arrows, and use the up/down arrows to adjust the selected time component.

All times are expressed relative to the UTC (Greenwich meridian) timezone.

Category filter

You can filter the list of events on the various categories of events:

  • Content items – These are resources in the content management system like webpages, blogs, etc and the log shows you when they were created, updated, published, etc.
  • Audit Trail Settings – Logs any changes to the Audit Trail setup itself.
  • Users – Anything users do, like login/logout, failed login, password change, lost password, etc.
  • Roles – Events related to Role definitions, e.g. created, removed, renamed, permission granted/revoked, a user gets or loses a role, etc.
  • ExcelWraps Generic – These events currently log when server jobs are created by the WrapStack function.
  • ExcelWraps MyWraps – A report was viewed.
  • ExcelWraps Definition – Keeps track of when Wraps are created, updated, deleted, etc.
  • ExcelWraps Instance – Events related to Wrap instances like when they are created, viewed, updated, signed/unsigned, deleted, etc.

User filter

Enter the user name to filter the list to show only the events related to one user.

Read/Write filter

You can shorten the list of events by viewing only the events that changed something in the system.

  • You can view any kind of Read events, i.e. operations that did not change anything on the server. This can be helpful if you’re only looking for logins, instance views, reports, etc.
  • You can view Write events that changed the server contents in any way. This includes updates to Wraps and instances, registering and changing User information, Users getting new Roles and much more.

Sort by setting

You can sort the events in the order of

  • Date (newest first), so that the most recent events come first.
  • Category (alphabetical), with the most recent entries per category first.
  • Event name (alphabetical), with the most recent entries per event name first.

List header

The Category column contains the category for the event.

The Event column tells you what happened.

The Read Only column contains True for entries that did not modify data.

The User column contains the User name associated with the event.

The Client IP column contains the network address for the device the User was using when the event occurred.

The Timestamp column tells you when the event occurred. All times are expressed relative to the UTC (Greenwich meridian) timezone.

The Summary column briefly describes the event.

The Details link opens the event in a format more suitable for printing.

List entries

If you click on the Details link for an event, it opens in a format more suitable for printing.

The number of items per page is controlled by the Show parameter at the bottom of the list. If the number of items exceeds this setting, a page navigation control appears to the right of it, allowing you to navigate directly to the page you want.

Screenshot of the pagination options at the bottom of a list of items

Audit Trail Event

The details for each event in the audit trail should be self-explanatory. Please contact client services if you need any help decoding the Audit Trail.

User events – examples

User has lost his password

We don’t have a user name until the user clicks on the link and sets a new password.

User name:

User changes password

User name: MagnusWester

User logs in

User name: MagnusWester

Login failed

Attempted user name: thomaschardon

Role events – examples

User gets a role

The user ShamaShakya10072020 was added to the role H-Staff.

User loses a role

The user ShamaShakya10072020 was removed from the role H-Staff.

ExcelWraps generic events – examples

User attempts queues a server job using WrapStack

User ShamaShakya Event wrap stack post
Source: d194cf6f-c34e-4f92-b2de-d7dbee60ca92
Url: api/wrapstack/d194cf6f-c34e-4f92-b2de-d7dbee60ca92
Blob: {“headers”:[“TargetWrap”,”unit”,”duedate”,”Loc”,”contract”,”SourceMyWraps”],”data”:[[“TMX-SO_short”,”43064″,44043,”Birmingham Tyseley”,”C8″,”TMX-JobDefintion?Options.state=Frozen&Options.Creator=Any&pageSize=0&Options.columns=JobNo,version,safetycritical,safetycondition,in_PPE,In_Competence,In_TargetMIns,In_TeamMin,Material,Material2,Material3,In_Tools,in_testquip,In_MeaSched,In_MeaSched2,In_MeaArising,In_WorkFlow,in_arising,In_Task,In_Task2,applicability,,jobtitle.string,cartype5.string,cartype9.string,issue.string,jobtype.string,solength&Options.MaxRows=500&Options.AutoNumberFilter=Max&pageSize=100&Filter.solength=short&Filter.applicability=C8″]],”options”:{“recalculate”:true,”action”:1}}

ExcelWraps MyWraps events – examples

User views a report

User ThomasChardon viewed MyWraps Report for wrap definitionTMX-AAW which returned 4 rows

ExcelWraps Definition events – examples

User creates a Wrap

User JohnDoyle created wrap Role-Definition (Id: 426)

User updates a Wrap

User JohnDoyle updated wrap Role-Definition (Id: 426)

ExcelWraps Instance events – examples

User views a Wrap instance

User JohnDoyle viewed wrap TMX-SO_short (Id: 428) Instance with Unique Keys c8|1|cv0148|bounds green|44021

User updates a Wrap instance

User JohnDoyle updated wrap TMX-SO_short (Id: 428) Instance with Unique Keys c8|1|cv0148|bounds green|44021

User deletes a Wrap instance

User ShamaShakya deleted wrap TMX-SO_short (Id: 428) Instance with Unique Keys c8|1|bzs9302|bounds green|44021

Export the Audit Trail to a file

You can export the Audit Trail to a file.

  1. Navigate to Administration dashboard > Import/Export and select the Export tab.
  2. Locate the Audit Trail section and select it by ticking on its checkbox.
  3. By default, all entries for the current calendar day will be exported. You can change the timestamps for the first and last log entry you wish to export. Please use the date and time formats that have been selected for your Wrapsite. All times are expressed relative to the local time for your Wrapsite.
  4. If you need the Audit Trail for a period longer than 7 days, you must perform two or more exports.

Screenshot of the Audit Trail settings in the Import/Export section of the Administration dashboard

Example of an exported Audit Trail

The export operation creates a ZIP file that contains an XML file. Please note that the timestamps in the file are relative to UTC, as indicated by the time zone.

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<!--Exported from Orchard-->
<Event Name="LogInFailed" FullName="Orchard.AuditTrail.Providers.Users.UserAuditTrailEventProvider.LogInFailed" Category="User" CreatedUtc="2020-10-24T09:47:29Z" EventFilterKey="user" EventFilterData="">

Settings related to Audit Trail

You can control in detail what events to log in the Audit Trail using the settings at Administration dashboard > Settings > Audit Trail.

  • Users – login/logout, failed login, password change, lost password, etc.
  • Roles – created, removed, renamed, permission granted/revoked, user gets/loses role, etc.
  • Wraps – created, updated, deleted, etc.
  • Wrap instances – created, viewed, updated, signed/unsigned, deleted, etc.
  • Reports – user views a report
  • Wrapsite content items (webpages, blogs, etc) – created, updated, published, etc.

Screenshot of the Audit Trail settings

Logging IP addresses

If you want the Audit Trail to include the IP address for the device that was used to create the event, tick the checkbox at the end of the list.

Screenshot of the Client Ip address logging setting for the Audit Trail