Audit Logging

Audit logs are designed for auditors who need to take a detailed look at what occurs in the Sinch Contact Pro system. By activating the audit log, you keep a record of the activities you consider relevant for auditing. You can later on access this information for evaluation.

The audit logs’ main objective is to record:

  • Security-related changes

  • Information that provides a higher level of transparency

  • Information that enables the reconstruction of a series of events.

For example, the following pieces of information can be recorded in the audit log:

  • Successful and unsuccessful logon attempts

  • Successful and unsuccessful attempts to change user information or access rights

  • Successful and unsuccessful access to protected user information

  • Changes to the audit configuration

  • Changes to the system configuration

  • Start and stop of a server process (for example, when AS starts or stops) *

  • Start of a user session *

  • Opening and closing of communication channel between a client and a server *

  • Rejecting of communication channel request from a client.*

  • Agent over-riding no-consent information when recording calls. Added in 1711.

* Added in SP06. User-session and channel-related events are not applicable in Online Monitoring or Reporting, but only CDT and SC are covered.

Note: Audit logs may contain personal data which in many countries are protected by data protection regulations. To prevent unauthorized access, system administrators should protect the audit log directory with proper operating system user rights. Give only read access to the allowed users, and audit the directory with operating system auditing tools. Before using the audit log, make sure that you follow the data protection laws that apply to your area of application.

By default, audit logs are written into the same directory as trace log files (defined during installation with the virtual unit variable Log Path). To write audit logs into a different directory than the trace logs, set the path to AuditLogPath registry parameter on the module level.

Audit logs are saved for the time defined in Common Log Settings.

Configure audit logging settings with the Logging Configuration Wizard:

  1. Choose the modules to be audit logged.
  2. Click the Filter icon and choose Show Audit Log Settings.
  3. Select in the AuditEventMask field which events are logged. The default value is presence+failure+system+config. (Changed in 1911.)
    example: For example, to audit log about reading and changing personal data, select the read+ modify events for the following modules:
    • Agent Server
    • Batch Job Server Local BCM API
    • CEM Server
    • If there are integrations used in the system, also Restful Interfaces Local BCM API for restful interfaces, or the Administration and Configuration Interface (ACI).
    See the events in the table below.
  4. Select the log file format in the AuditLogFormatter field. The default value is BCM.
  5. To apply changes, choose Next Step.
Table 1. Audit Logging Settings

Setting

Description

AuditEventMask

Select the event types that are included in audit logs. Several selections are shown separated with a plus sign, for example, presence+failure+system. To select an event type, click it. To remove the event type from selected types, click it again.

  • presence: Events related to presence of a user or device.

  • config: Events related to configuration data or process.

  • rights: Events related to user rights and access control.

  • modify: Events related to modifying information. Use this value to log changes made to any data or configuration.

  • read: Events related to reading information.

  • failure: Events related to situations when something has failed, for example unsuccesful logon attempts, or unsuccessful attempts to change user information or access rights.

  • system: Events related to the Sinch Contact Pro server system state, such as starting and stopping of a server module. Added in SP06.

AuditLogFormatter

Select one of the following formats:

  • BCM: The default format, prints the file with the extension .log.

  • GLF: Generic Logfile Format, prints the file with the extension .glf. Prints category, module name and format by default. Enables using the Log Viewer and SAP Solution Manager for analyzing and managing logs.

  • List: List Log format, prints the file with the extension .log. Prints category and module name by default.