Download Security Logs for All Users

Download the security logs for all users in your ProcessMaker Platform instance. Security logs prepared for download remain available for 24 hours. Thereafter, the security logs must be compiled again.

ISO/IEC 27001 is an excellent standard for information security management systems (ISMS). An organization complying with ISO/IEC 27001 has put in place a system to better manage risks related to the security of data owned or handled by that organization. In compliance with ISO/IEC 27001, ProcessMaker Platform logs multiple aspects of each user's activity throughout the platform.

In the Security Logs tab within each user account, ProcessMaker Platform maintains a record of the datetime, and IP address for the following activities that user performs:

• Log on: Each successful and unsuccessful log on attempt

• Log off: Each log off from ProcessMaker Platform

• User profile changes: Any changes to that user's profile, including:

  • profile information

  • group memberships

  • permissions

  • API tokens, including creation, update, and deletion

• Collections: Reading, creating, updating, and deleting any Collection or Collection record

• Settings: Changing settings, including:

  • Create or revise any email server or changes in their configuration options (including IMAP)

  • Enable new SSO options or change configuration options

  • Enable or change configuration options to other systems, such as DocuSign and IDP

  • Enable LDAP or SCIM or change their configuration options

  • Enable or disable User Signals

  • Update User Extended Properties or change their designated time zone

• Customize UI: Changes within the Customize UI menu (inputs to change setting values, including deletions)

• System messages: System alerts and errors (including within Requests)

• Other user activities: Other user activities in the platform, including:

  • Create, update, publish, archive, or unarchive a Process

  • Create, update, or delete any Designer asset, including Process Templates, Screens, Scripts, Environment Variable, Data Connector, PM Blocks, Decision Tables, or Vocabularies

  • Create, update, or delete any non-Designer assets, including Saved Searches, Saved Search Charts, auth client, Script Executors, Dynamic UI dashboards or menus, or Translations

  • Perform global or local search queries

  • Access, reassignments, retries, rollbacks, and completion of Tasks, including parent Request ID

  • Start, cancel, and complete Requests

  • Access Queue Management/Laravel Horizon by section name

  • Create a user or group

See Security Log Events for a description of each user activity event.

Follow these steps to download security logs for all users:

1. View all user accounts. The Users tab displays.

2. Click the Logs button. ProcessMaker Platform compiles the security logs from your your AWS S3 bucket in the background. You may continue working as necessary in ProcessMaker Platform. The following message displays from the currently displaying page when the security logs are ready to download: Click on the link and download the file. This link is available for 24 hours.

3. Click the Download link. The security logs download in CSV format.

Related Topics