Idea Details

User access log

Last activity 06-03-2019 08:28 PM
visre01's profile image
06-11-2018 08:30 AM

Hello,
Could you please consider the following IDEA raised by AXA?

Thank you.

Renato

 

IDEA:

"

API Portal Administrator wants to have access to an history of :

- User access dates and time

- Asset modifications dates and time and by whom

- Asset deletion dates and time and by whom

- PAPI APIs Access logs

Each action of each user is being tracked down; access to logs and eventually to backup on a external server. Monitor actions such as deleting massive data

"


Comments

07-09-2018 04:28 AM

obech01,

We are using the Portal and Gateway in a hybrid mode: the SaaS API Developer Portal, and on-premise API Gateways.

That means we are in full control of all gateway audit logs, while we have to rely on CA SaaS Ops for any access to portal logs.

Therefore, to get the complete audit view, we need access to the logs of portal activities, as you have recognized, and exactly as it is described in this idea.

Let me know if it is still unclear.

06-13-2018 03:23 AM

What is meant by asset? Is it about surfacing the logs of the gateways (and see modifications of policies) or modifications of portal-only assets (such as creation of apis, applications, users, groups). Also, interestingly, the customer does not mention the access to the logs for example when you call an API in the Explorer and it fails. So what he is really asking is more about audit logs of portal activites rather than valuable logs for the developer consuming the APIs.