Audit Trail

Understand audit trail

A typical organization has several users accessing their applications and services. Monitoring every user's activity is crucial to alleviate potential threats to sensitive data and prevent data misuse. The Audit trail feature in Zoho Creator is a means to assist an organization by maintaining logs on the sequence of activities performed inside an application. This is helpful in case of security violations by identifying user behavior and the chronological order of events that caused them. You can customize what you review by settings filters based on specific dates, actions performed, record IDs and email addresses of users. This feature is form-specific and lets you view the history of the following action types performed in your application:

  • History of changes made to the records by you, your end users, and the application workflows. For example, when a user updates a record with new values, or deletes a record, the updated or deleted record values are logged with details like the old value, modified value, the user who modified or deleted the record, modified time, etc. 
  • History of print and export actions carried out in a report by users. Here, you can filter and view the respective actions based on a form's report. For example, when a user prints or exports a report, the report details like the report name, exported format, form name, columns exported, IP address, etc., are also logged.
    Note: Export and print actions from pivot reports (pivot charts and pivot tables) will not be captured in our audit logs.​

In short, the audit trail feature keeps track of the changes made in your application as well as when, by whom, and how much of data has been modified. This serves as documentary evidence for the sequence of activities in your application records and reports.

How long is data saved?

You can access the audit logs for record changes and report actions this far back:

Audit logData retention time
Record changes (edit and delete actions)1 year
Report actions (export and print)3 months
Tip: We recommend exporting the audit trail data once a year for record logs and every 3 months in case of report logs to avoid losing the audit history.

Configure the capture of IP Address and source information

You can capture the IP address and source information of users who make changes to your application records as well as export and print reports. By default, the option to capture IP Address and source information will be disabled. You can choose to enable it in the Settings tab as follows:

  1. Navigate to the required tab — Record Logs or Export & Print Logs.
  2. Click the Settings button at the top-right corner of the screen.
  3. Select the Enable option under Capture IP address and source information, then click Save.
    • When enabled, the IP Address and source information will be captured in the detail view of the audit logs. 
    • Upon disabling, the future audit logs will not capture the IP Address and source information. The previous logs will remain unchanged, i.e., they will display the IP Address and source information. 

View record edit history

  1. Edit your application.
  2. Navigate to the Settings page.
  3. Click the Audit trail option under Data Administration.

  4. Select the formfor which the audit trail has to be recovered, then click Proceed.
  5. The edit history of the selected form for the last 365 days will be displayed.
  6. You can choose to capture the IP Address and source information in the detailed audit logs by clicking the Settings button at the top-right and enabling it.
  7. The audit history can be filtered using the Filters section at the right side of the page. Date filter should be cleared off when switching between audit tabs.​
    Note: The Select date and Select range picker allows you to select an option from the past one year for every change that is audited.

  8. Click on an entry in the list to view the detailed audit record.

Manage personal data and health information capture for fields 

When you're using fields in your Zoho Creator applications to capture any sensitive, confidential, or personally identifiable information (PII), you can add another layer of protection for them by enabling the Contains personal data and when you're using fields to capture health related information, you can enable the Contains health info field properties. Enabling the above two field properties also asks you to encrypt the collected data.

  1. Edit your app.
  2. Open the form builder.
  3. Select the required field. Its Field Properties will appear on the right.
  4. Navigate to the Field Properties > Data Privacy section.
  5. Check the checkbox next to Contains personal data (PII).
  6. Check the checkbox next to Contains health info (ePHI).
  7. Click Yes in the respective dialog box appears to encrypt your data.

The fields that are marked as containing ePHI (Electronic protected health information) and PII (personally identifiable information) data are captured in the detailed audit logs for export and print actions.

View report export and print history

Note: The below mentioned mobile apps will log export and print actions once the source code is updated from our side in the server.
  • In case of code signed apps (Android and iOS), the export and print actions will be logged only after a new build is taken from our server.
  • In case of SDK apps, the export and print actions will be logged only after the framework is updated to the latest version.
  1. Repeat steps 1- 4 as above.
  2. Navigate to the Export & Print Logs tab.
  3. The print and export history of all reports of the chosen form for the last 90 days will be displayed. 
  4. You can choose to capture the IP Address and source information in the detailed audit logs by clicking the Settings button at the top-right and enabling it.
  5. The audit history can be filtered using the Filters section at the right side of the page.
  6. You can change the chosen form under the Form Name dropdown.
  7. All reports of the form will be chosen by default. You can select the required report (active or deleted) of the form for which you want to view the print and/or export actions. 
  8. Check the checkboxes beside the required actions - Exported and Printed to view the respective audit logs.
  9. Select the required date or specify a range to view the audit information. Date filter should be cleared off when switching between audit tabs.
    Note: The Select date and Select range picker allows you to select an option from the past one year for every change that is audited.
  10. You can also type a specific user's email address to view the history of their export and print actions.
  11. Click on an entry in the list to view the detailed audit record for export and print logs.
    • Below image shows how the Detailed Export Log looks like. The ePHI (Electronic protected health information) and PII (personally identifiable information) fields are captured in the detailed audit logs upon enabling the respective field properties for fields that capture any sensitive, confidential, or personally identifiable information fields.

    • Below image shows how the Detailed Print Log looks like:

  12. Click the Export button to export the required audit data. 

Export audit logs

The audit logs for both record changes and export and print actions can be exported by clicking the Export button in the respective tabs. You can filter the data to be exported by choosing the required option under the Filters tab and click Export. The data will be downloaded to two separate CSV files. 

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: support@zohocreator.com