IDM 7.5.0

Workflow audit

The audit service logs workflow information in the activity event topic (default location: openidm/audit/activity.audit.json).

Example workflow audit events using the provisioning-with-workflow sample:

Each step shows the action performed along with the resulting audit data.

  1. user1 completes the Contractor Onboarding Form.

    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-3871",
      "timestamp": "2020-05-06T17:39:52.021Z",
      "eventName": "workflow-create_process",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "workflow/processinstance/6",
      "operation": "CREATE",
      "changedFields": [],
      "revision": null,
      "status": "SUCCESS",
      "message": "Process created. processDefinitionId = contractorOnboarding:1:5, processDefinitionKey = null, businessKey = null",
      "passwordChanged": false
    }
  2. manager1 self-assigns the task.

    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5748",
      "timestamp": "2020-05-06T17:43:18.058Z",
      "eventName": "workflow-update_task",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "manager1",
      "runAs": "manager1",
      "objectId": "workflow/taskinstance/36",
      "operation": "UPDATE",
      "changedFields": [
        "/assignee"
      ],
      "revision": null,
      "status": "SUCCESS",
      "message": "Task updated",
      "passwordChanged": false
    }

    "changedFields":["/assignee"] only displays when conf/audit.json contains the property "watchedFields" : [ "assignee" ]. For a complete list of fields that can be watched in this situation, refer to the API Descriptor for UPDATE workflow/taskinstance/.

  3. manager1 completes the task. Notice that transactionId is correlated to all managed/user, and other, operations.

    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5868",
      "timestamp": "2020-05-06T17:43:22.138Z",
      "eventName": "activity",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "000000001edd9dc2",
      "status": "SUCCESS",
      "message": "create",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5871",
      "timestamp": "2020-05-06T17:43:22.141Z",
      "eventName": "activity",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "internal/usermeta/cd237cca-913e-481e-9282-ba16c84b5131",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "0000000030b45c3e",
      "status": "SUCCESS",
      "message": "create",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5876",
      "timestamp": "2020-05-06T17:43:22.145Z",
      "eventName": "relationship_created",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2/authzRoles/ee5bbbce-a020-45db-ab41-66c80d84d8be",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "00000000fe6da3a7",
      "status": "SUCCESS",
      "message": "Relationship originating from managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2 via the relationship field authzRoles and referencing internal/role/openidm-authorized was created.",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5879",
      "timestamp": "2020-05-06T17:43:22.147Z",
      "eventName": "relationship_created",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2/manager/b58e5695-9e43-4e76-b89c-e5d69d3bf52d",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "000000008dcca1b6",
      "status": "SUCCESS",
      "message": "Relationship originating from managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2 via the relationship field manager and referencing managed/user/038e65de-95ce-4180-94d3-4ea64bf25c6b was created.",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5882",
      "timestamp": "2020-05-06T17:43:22.149Z",
      "eventName": "relationship_created",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2/_meta/d9299603-b768-44b6-a4c9-9b6441ca212e",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "0000000027b29fb4",
      "status": "SUCCESS",
      "message": "Relationship originating from managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2 via the relationship field _meta and referencing internal/usermeta/cd237cca-913e-481e-9282-ba16c84b5131 was created.",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5908",
      "timestamp": "2020-05-06T17:43:22.778Z",
      "eventName": "activity",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "internal/notification/12aa1698-bb1e-42c6-a92d-2e959c217ad0",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "000000004d025d75",
      "status": "SUCCESS",
      "message": "create",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5911",
      "timestamp": "2020-05-06T17:43:22.781Z",
      "eventName": "relationship_created",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "internal/notification/12aa1698-bb1e-42c6-a92d-2e959c217ad0/target/eec80d30-be1e-4c5d-9873-b4395373c833",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "00000000b4c7a701",
      "status": "SUCCESS",
      "message": "Relationship originating from internal/notification/12aa1698-bb1e-42c6-a92d-2e959c217ad0 via the relationship field target and referencing managed/user/038e65de-95ce-4180-94d3-4ea64bf25c6b was created.",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5920",
      "timestamp": "2020-05-06T17:43:22.791Z",
      "eventName": "activity",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "internal/notification/eec030e5-e520-4cf1-99c2-a9bbecb0627b",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "0000000033465ada",
      "status": "SUCCESS",
      "message": "create",
      "passwordChanged": false
    }
    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5923",
      "timestamp": "2020-05-06T17:43:22.794Z",
      "eventName": "relationship_created",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "user1",
      "runAs": "user1",
      "objectId": "internal/notification/eec030e5-e520-4cf1-99c2-a9bbecb0627b/target/11eb13f8-991f-45ea-95dc-e8f0fd0b95c3",
      "operation": "CREATE",
      "changedFields": [],
      "revision": "000000005134a80d",
      "status": "SUCCESS",
      "message": "Relationship originating from internal/notification/eec030e5-e520-4cf1-99c2-a9bbecb0627b via the relationship field target and referencing managed/user/d736487d-c146-4a0e-b677-ebfd6805b1d2 was created.",
      "passwordChanged": false
    }
  4. The audit service logs the workflow-complete_task event.

    {
      "_id": "f24ac83b-200c-449d-b017-d12b9c6c9091-5926",
      "timestamp": "2020-05-06T17:43:22.827Z",
      "eventName": "workflow-complete_task",
      "transactionId": "f24ac83b-200c-449d-b017-d12b9c6c9091-3865",
      "userId": "manager1",
      "runAs": "manager1",
      "objectId": "workflow/taskinstance/36",
      "operation": "complete",
      "changedFields": [],
      "revision": null,
      "status": "SUCCESS",
      "message": "Task completed",
      "passwordChanged": false
    }
Copyright © 2010-2024 ForgeRock, all rights reserved.