Audit Trail
Overview
The Audit Trail menu provides visibility into user and administrative activities performed within the OneDB Admin Console.
Administrators can use this menu to review recorded activities such as access to specific pages, read operations, configuration activities, and other system interactions. Audit Trail helps organizations maintain accountability, support troubleshooting, and provide operational evidence for security or compliance review.
Main Functions
Administrators can use the Audit Trail menu to:
- View recorded user activities
- Filter audit records by username
- Filter audit records by action type
- Review the timestamp of each activity
- Identify which user performed an action
- Review the related system module or entity
- View additional request details
- Support investigation and compliance review
Audit Trail Page
The Audit Trail page displays recorded events in table format.
Example columns:
| Column | Description |
|---|---|
| Timestamp | The date and time when the activity occurred. |
| Username | The user account that performed the activity. |
| Action | The type of activity performed, such as READ, CREATE, UPDATE, DELETE, LOGIN, LOGOUT, LOGIN FAILED or ERROR |
| Entity | The OneDB module, controller, or object related to the activity. |
| Entity ID | The specific object identifier, when available. |
| Details | Additional details related to the activity. |
Filtering Audit Records
The Audit Trail page provides filtering options to help administrators search specific records.
Available filters may include:
| Filter | Description |
|---|---|
| Username | Filters audit records based on a specific username. |
| Action | Filters audit records based on the selected action type. |
| Filter Button | Applies the selected filter criteria. |
| Reset Button | Clears the filter criteria and reloads the audit trail list. |
This allows administrators to quickly locate activities performed by a specific user or review specific types of actions.
Audit Details
Each audit record may include additional details related to the activity.
Example detail fields:
| Field | Description |
|---|---|
| FullURL | The URL or page accessed by the user. |
| ClientIP | The source IP address of the user or client, when available. |
Some details may be partially masked or hidden to avoid exposing unnecessary sensitive information.
The Show more option can be used to display additional audit details when available.
Common Action Types
Audit Trail may record different action types depending on the activity performed.
| Action | Description |
|---|---|
| READ | User viewed or accessed a page, resource, or record. |
| CREATE | User created a new configuration or object. |
| UPDATE | User modified an existing configuration or object. |
| DELETE | User removed an existing configuration or object. |
| LOGIN | User logged in to the system, if recorded. |
| LOGOUT | User logged out from the system, if recorded. |
| LOGIN FAILED | User attempted to log in but the authentication process failed. This may occur due to invalid credentials, inactive user status, or other authentication-related issues. |
| ERROR | The system recorded an error during a user action, system process, or request handling. Administrators should review the audit details and related logs for further investigation. |
Available action types may vary depending on the OneDB version and enabled audit logging behavior.
Example Audit Trail Record
Example audit record:
| Field | Example |
|---|---|
| Timestamp | 2026-04-26 17:06:57 |
| Username | admin |
| Action | READ |
| Entity | SystemController |
| Entity ID | – |
| Details | FullURL and ClientIP |
This indicates that the admin user accessed a system-related page or resource at the recorded time.
Recommended Practice
Audit Trail should be reviewed regularly, especially in production environments.
Recommended controls:
| Recommendation | Description |
|---|---|
| Restrict access | Only authorized administrators or auditors should access Audit Trail. |
| Review admin activity | Periodically review activities performed by privileged users. |
| Investigate unusual activity | Check unexpected access patterns, repeated failed actions, or suspicious configuration changes. |
| Use filters | Filter by username or action to simplify investigation. |
| Preserve audit records | Retain audit logs according to the organization’s security and compliance policy. |
| Combine with Syslog | Forward logs to centralized logging or SIEM when required. |
Important Notes
- Audit Trail records are intended to support operational visibility, accountability, troubleshooting, and compliance review.
- Audit Trail may record user activities, administrative actions, page access, system interactions, and other events depending on OneDB configuration and enabled modules.
- The recorded Entity may represent an internal OneDB module, controller, service, or managed object related to the activity.
- The Details section may contain request-related information such as URL and client IP address. Some values may be masked, partially hidden, or formatted to reduce unnecessary exposure.
- Audit Trail should not be treated as the only source of investigation. For deeper analysis, administrators may also need to review system logs, syslog records, appliance logs, and other monitoring information.
- Access to Audit Trail should be limited because it may contain operational information about users, system access, and administrative activity.
