Date: Fri, 29 Mar 2024 15:21:02 +0000 (UTC) Message-ID: <650252249.8159.1711725662712@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_8158_879968371.1711725662710" ------=_Part_8158_879968371.1711725662710 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
For Grouper 2.5 and above see Get Audit Entries
Groups are often used to control access to resources or to target commun= ications. Group attributes, memberships and privileges may change at any ti= me with potentially important consequences, so simply knowing how a group l= ast changed is insufficient to investigate why, for example, an individual = lost access to a resource. An audit log of high level user actions allows a= dministrators to understand the history of groups, group types and stems. A= udit entries may be queried by object or the subject responsible for a chan= ge.
High level actions are audited. For example if a group is deleted,= all of the related memberships and privileges for that group are deleted a= s well. But there will only be one audit entry for the group delete.&= nbsp;
Group admin privilege is required = to view the audit log.
Note that User Auditing, described here, is different from point in time auditing which pro= vides the ability to query the state of Grouper in the past. Point in= time auditing allows you to determine all the direct and indirect members = that a group had at any point in time, or to determine all the permissions = a person had.
For user auditing, the following fields are stored for each user audit e= ntry:
For each action various additional data is stored, e.g. if a group was c= reated, then the group id, group name, etc are stored
You can import/export auditing data, but this is a different file than t= he normal Grouper export file, with the same command. You will see tw= o different XML files.