BlueFletch Enterprise
  • BlueFletch Enterprise
  • Product Guides
    • BlueFletch Launcher
      • Configurable Layouts
        • Layouts
        • Orientation Options
        • Criteria
        • Widgets
        • Implied Groups
        • Kiosk Mode
        • Persistent Foreground App
        • Password Protected Applications
        • Quick Start Applications Folder
        • Layout Custom Actions
        • Replacement Values
        • Assets Manager
      • Theming
        • Configure Theme
        • Site-Specific Theming
        • Custom Field Display
      • Site Information Service
      • Custom Intents
        • Standard Android Intents
        • Platform Actions
        • Filtering
        • Technical Guide
      • Security and Safety
        • Clear App Data on Logout
        • Application Enabler
        • Disable Packages
        • Key Management
        • NFC Enable/Disable
        • Secure Notifications
        • Wi-Fi UI Settings Enable/Disable
        • Motion Activated Device Lock
        • Unique Login
        • Local Admin Password
        • Device Remote Lock
      • Device Loss Prevention
        • Low Battery Mode
        • Luggage Tag Mode
        • Secure Device Mode
      • Launcher Provider SDK
      • Load Configurations via QR Code Scan
      • Getting Started
      • Technical Guide
      • Release Notes
    • Authentication and SSO
      • Features
        • Secondary Authentication
          • PIN
          • Face Recognition
          • NFC Tag
          • Barcode
          • Alternate Secondary Authentication
      • Technical Guide
        • LDAP
        • AppAuth/OIDC
        • Okta (Session)
        • MSAL
        • ADFS 3.0/2012 Using ADAL
      • Release Notes
    • Support Application
      • Features
        • Events to Splunk
        • Logs to Azure
        • External Configuration Support
        • Application Usage History
        • Generating RxLogger Log Files
      • Technical Guide
        • Event Information
        • Event Examples
      • Support Installer
      • Getting Started
      • Release Notes
    • Device Finder
      • Features
        • Device Details
        • Device Status
        • View Site Devices
      • Technical Guide
      • Getting Started
      • Release Notes
    • Browser
      • Features
        • Custom Scripts
        • FIDO2 / Webauthn Support
        • URL AllowList and BlockList
      • Technical Guide
        • Configuring Browser
        • All Configuration
        • Available Intents
        • APIs and Page Actions
      • Release Notes
    • Chat
      • Features
      • Technical Guide
      • Getting Started
      • Release Notes
    • Playbook Agent
      • Features
      • Getting Started
      • Release Notes
    • Portal
      • Login & Logout
      • Navigation & Account Settings
      • Support Agent
        • Home
        • Device Details
        • Dashboards
        • Cards
        • Event Explorer
        • Reports
      • Enterprise Launcher
        • Creating a Configuration
        • Sending a Notification
        • Managing Sites
      • Playbook MDM
        • Playbooks
        • Plays
        • Devices
        • Deployment Groups
        • Zebra StageNow
      • EMM Console
        • Overview
        • Setup
          • Enroll Org in EMM
          • Policy Management
          • Provisioning
          • Device Management
          • Installing Playbook in EMM
        • Troubleshooting
          • Device Issues
          • Policy Issues
      • Chat Manager
        • Overview
        • Chat Roles
        • Chat Channels
        • Chat Audio Transcription
        • Message Logs
      • Admin
        • Organization
        • Single Sign On
          • Azure Setup
          • Okta Setup
          • Google Workspace Setup
          • Portal Setup
        • Users
        • Roles
          • Overview
          • Predefined Roles
          • Permissions
          • Manage Roles
        • Downloads
        • Agents
        • Key Management
          • Overview
          • API Keys
          • Device Keys
          • Device Restrictions
          • Allowed IP Addresses
        • Enterprise
        • Audit Logs
      • Event Forwarding
      • Remote Control
      • Getting Started
      • Release Notes
    • Other Applications
      • Messaging
        • Features
        • Technical Guide
        • Release Notes
      • Keyboard
        • Features
        • Technical Guide
          • How to: Set Keyboard as default
        • Release Notes
      • Bluetooth
        • Features
        • Release Notes
      • Voice Chat
        • Features
        • Release Notes
      • Device Remote Control
        • Features
        • Technical Guide
        • Release Notes
      • Device ID
        • Features
        • Technical Guide
        • Release Notes
      • Suite Installer
        • Technical Guide
        • Release Notes
      • Accessibility Enabler
        • Release Notes
      • EPM Plugin
        • Features
        • Technical Guide
        • Release Notes
    • Workforce Identity
  • Technical Documentation
    • Updating License Key
    • Commonly Reported Issues
    • Deploying BlueFletch Enterprise
      • Android 10 and 11
      • MDMs
        • Workspace One (VMWare AirWatch)
        • SOTI
        • Microsoft Intune
          • Microsoft Intune + Playbook
      • From Portal to Playbook Agent
Powered by GitBook
On this page
  • User Guide: Admin Tab
  • Audit Logs
  1. Product Guides
  2. Portal
  3. Admin

Audit Logs

PreviousEnterpriseNextEvent Forwarding

Last updated 6 months ago

User Guide: Admin Tab

Audit Logs

Overview

The Audit Logs subtab within Admin provides a record of BlueFletch Portal events, allowing an administrator to review and search for changes made to the the organization's Portal instance and profile.

View Audit Logs

The administrator is able to view the the timestamp of the action, the logged-in user who initiated the action, the kind of action performed, the section of the BlueFletch Portal the action occurred in, and additional information as relevant to certain logs.

Audit Logs defaults to showing all the logs for the filtered timeframe, or the most recent 100 logs. Pressing the Show More button at the bottom of the list will expand the list by 100 logs each time it is pressed if there are more logs to show within the filtered timeframe.

Some logs will have details of the changes that were made. These can be seen by selecting the expand function on that line item.

Events that are logged are labeled as actions. Below are the actions that are currently available in the BlueFletch Portal:

Action
Definition

create

A user has created a new instance of a BlueFletch Portal item.

delete

A user has deleted a previously created instance of a BlueFletch Portal item.

update

A user has edited a previously created instance of a BlueFletch Portal item.

login

A user has logged into the BlueFletch Portal.

ssoLogin

A user has logged in using their preferred Single Sign-On method.

changePassword

A user has changed his/her own password.

activationRequest

A user has sent an activation requests to a new, or previously created user.

passwordReset

An administrator has reset someone's password.

TermsOfService

A user has acknowledged the Terms of Service.

LockedOut

A user has been locked out of his or her account.

Subscribed

A user has subscribed to a report.

Unsubscribed

A user has unsubscribed from a report.

FailedLogin

A user attempted to login but entered an incorrect password.

Every action occurs in the context of a section, or table. The actions "create", "update", and "delete" occur in multiple sections. Below are the sections that are currently available in the BlueFletch Portal:

Section
Definition

Configurations

The action applies to the organization's settings (occurs in conjuction with Organizations).

DeploymentGroups

The action applies to a deployment group.

Devices

The action applies to an MDM device.

EmmDevices

The action applies to an EMM device.

EmmEnrollmentTokens

The action applies to an enrollment token for an EMM Console policy.

EmmPolicies

The action applies to an EMM Console policy.

FileArtifactLocations

The action applies to a cloud-hosted file.

FileArtifactMeta

The action applies to the service for managing cloud-hosted files.

LauncherConfigurations

The action applies to a launcher configuration file.

LoginAttempts

The action applies to attempts by a user to login to the BlueFletch Portal.

Organizations

The action applies to the organization's settings (occurs in conjuction with Configurations).

Playbooks

The action applies to a playbook.

Plays

The action applies to a play.

Roles

The action applies to a role.

Reports

The action applies to a report.

ReportSubscription

The action applies to the subscription or unsubscription of user to a report.

SitesMeta

The action applies to managing the site list files for the organization's dashboards (often in conjunction with SitesView).

SitesViews

The action applies to managing the site list files for the organization's dashboards (often in conjunction with SitesMeta).

SSOConfigs

The action applies to an SSO configuration.

Users

The action applies to a user.

Filter Audit Logs

Audit Logs can be filtered to show a specific date/time range of logs, or logs relevant to specific users, actions, sections, or any combination thereof.

The default Date/Time filter is 24 hours. Three predefined filters can be selected: Past 30 Days, Past 7 Days, and Past 24 Hours. A custom filter can also be created where the administrator can select a date range from a calendar, a Start Time for the earlier date, and an End Time for the later date.

To use the other filters, expand the dropdown for the Users, Actions, or Sections filter and select specific items. Chips will display above the filter selectors to indicate what criteria is being filtered for in the query. These chips can be individually removed with their respective "X" buttons.

Pressing Apply Filters applies the filters to the log queries, expanding or contracting the results accordingly.

Filtering for combinations that do not exist will display a message in the results section informing the user that no logs could be found matched the criteria that was filtered.

Pressing Clear All removes all Users, Actions, and Sections filters and returns the Date/Time range to the default filter of 24 hours.