Download security logs for all users as a CSV file.
Download the security logs for all users in your ProcessMaker Platform instance. Security logs prepared for download remain available for 24 hours. Thereafter, the security logs must be compiled again.
ISO/IEC 27001 is an excellent standard for information security management systems (ISMS). An organization complying with ISO/IEC 27001 has put in place a system to better manage risks related to the security of data owned or handled by that organization. In compliance with ISO/IEC 27001, ProcessMaker Platform logs multiple aspects of each user's activity throughout the platform.
In the Security Logs tab within each user account, ProcessMaker Platform maintains a record of the datetime, and IP address for the following activities that user performs:
Log on: Each successful and unsuccessful log on attempt
Log off: Each log off from ProcessMaker Platform
User profile changes: Any changes to that user's profile, including:
profile information
group memberships
permissions
API tokens, including creation, update, and deletion
Collections: Reading, creating, updating, and deleting any Collection or Collection record
Settings: Changing settings, including:
Create or revise any email server or changes in their configuration options (including IMAP)
Enable new SSO options or change configuration options
Enable or change configuration options to other systems, such as DocuSign and IDP
Enable LDAP or SCIM or change their configuration options
Enable or disable User Signals
Update User Extended Properties or change their designated time zone
Customize UI: Changes within the Customize UI menu (inputs to change setting values, including deletions)
System messages: System alerts and errors (including within Requests)
Other user activities: Other user activities in the platform, including:
Create, update, publish, archive, or unarchive a Process
Create, update, or delete any Designer asset, including Process Templates, Screens, Scripts, Environment Variable, Data Connector, PM Blocks, Decision Tables, or Vocabularies
Create, update, or delete any non-Designer assets, including Saved Searches, Saved Search Charts, auth client, Script Executors, Dynamic UI dashboards or menus, or Translations
Perform global or local search queries
Access, reassignments, retries, rollbacks, and completion of Tasks, including parent Request ID
Start, cancel, and complete Requests
Access Queue Management/Laravel Horizon by section name
Create a user or group
See Security Log Events for a description of each user activity event.
Follow these steps to download security logs for all users:
View all user accounts. The Users tab displays.
Click the Logs button. ProcessMaker Platform compiles the security logs from your your AWS S3 bucket in the background. You may continue working as necessary in ProcessMaker Platform. The following message displays from the currently displaying page when the security logs are ready to download: Click on the link and download the file. This link is available for 24 hours.
Click the Download link. The security logs download in CSV format.
View these security log event labels when:
Event Label | Event Description |
---|---|
ActivityReassignment
AnalyticReportCreated
Create an analytic report
AnalyticReportDeleted
Delete an analytic report
AnalyticReportUpdated
Configure an analytic report
AuthClientCreated
AuthClientDeleted
AuthClientUpdated
CategoryCreated
CategoryDeleted
CategoryUpdated
CollectionAccessed
View all records in a Collection
CollectionCreated
Create a Collection
CollectionDeleted
Delete a Collection
CollectionRecordAccessed
View a Collection record
CollectionUpdated
Configure a Collection
CustomizeUiUpdated
DashboardCreated
Create a Dashboard
DashboardDeleted
Delete a Dashboard
DashboardUpdated
Edit a Dashboard
DataConnectorCreated
Create a Data Connector
DataConnectorDeleted
Delete a Data Connector
DataConnectorResourceAction
Add, edit, or delete a resource from a Data Connector
DataConnectorUpdated
Edit Configuration for a Data Connector's REST Data Source or Edit Configuration for a Data Connector's SOAP Data Source
DecisionTableCategoryCreated
Create a Decision Table category
DecisionTableCategoryDeleted
Delete a Decision Table category
DecisionTableCategoryUpdated
Edit a Decision Table category
DecisionTableCreated
Create a Decision Table
DecisionTableDeleted
Delete a Decision Table
DecisionTableUpdated
Edit a Decision Table
EmailServerCreated
Create an Email Server Configuration
EmailServerDeleted
Delete an Email Server Configuration
EnvironmentVariablesCreated
EnvironmentVariablesDeleted
EnvironmentVariablesUpdated
FilesAccessed
FilesCreated
FilesDownloaded
FilesUpdated
FolderAccessed
FolderCreated
FolderDownloaded
FolderUpdated
GroupCreated
GroupDeleted
GroupUpdated
GroupUsersUpdated
Login
Each successful and unsuccessful log on attempt
Logout
Each log off from ProcessMaker Platform
MenuCreated
Create a Menu
MenuDeleted
Delete a Menu
MenuUpdated
Edit a Menu
PermissionUpdated
PmBlockArchived
Archive a PM Block
PmBlockCreated
Create a New PM Block
PmBlockUpdated
ProcessArchived
ProcessCreated
ProcessUpdated
QueueManagementAccessed
RecordCreated
Create a Collection Record
RecordDeleted
Delete a Collection Record
RecordUpdated
Edit a Collection Record
RequestAction
Create, Cancel, or Complete a Request
RequestError
When a Request has errors
SavedSearchChartCreated
Create a Saved Search Chart
SavedSearchChartDeleted
Delete a Saved Search Chart
SavedSearchChartUpdated
Edit a Saved Search Chart
SavedSearchCreated
Create and Share a Saved Search
SavedSearchDeleted
Delete a Saved Search
SavedSearchRecounted
Manage Your Own Saved Searches
SavedSearchUpdated
Configure a Saved Search
ScreenCreated
ScreenDeleted
ScreenUpdated
ScriptCreated
ScriptDeleted
ScriptExecutorCreated
ScriptExecutorDeleted
ScriptExecutorUpdated
ScriptUpdated
SettingsUpdated
Edit Settings.
SignalCreated
SignalDeleted
SignalUpdated
TemplateCreated
TemplateDeleted
TemplatePublished
TemplateUpdated
TokenCreated
TokenDeleted
TranslationReseted
TranslationUpdated
UnauthorizedAccessAttempt
URLs that are not allowed to access
UserCreated
UserDeleted
UserGroupsUpdated
UserRestored
UserUpdated
VocabularyCreated
VocabularyDeleted
VocabularyUpdated
WebEntryAccessed
Start a Request through the Web Entry URL