Determining Which Repository Events are Logged

Most actions performed in a Laserfiche repository can be logged. Individual actions are grouped into event groups based on the event type—for instance, the Session event group includes the Log On, Log Off, and Terminate Session events. In addition to logging events that have occurred, you can also choose to log unsuccessful attempts to perform a specific action and events performed by a particular user or group. The effects of assigning audit configuration to users and groups are explained below.

For a complete list of audit events, see Audit Event Descriptions.

Laserfiche Audit Trail determines which events will be logged by first checking who is logged into the repository. Once it knows which user has logged into the repository, it will check that user's audit settings for two possible types.

Note:  Windows Accounts and LDAP groups and users can be audited just like Laserfiche groups and users. The term "user" can apply to a Laserfiche, Windows Accounts or LDAP user; the term "group" applies to either a Laserfiche, Windows Accounts or LDAP group.

Note: To ensure certain events are logged for all users, enable auditing on the event for the Everyone group. The Everyone group is a special account, listed under the Users and Groups node, that always includes all users.

By default, new repositories audit successes on the Everyone group in the audit classes:

Use the Administration Console or web client management page to configure additional options.

To determine which events are logged

  1. Open the Laserfiche Administration Console and expand the desired Laserfiche Server in the left pane.
  2. Select the desired Laserfiche repository.
  3. If security has been enabled on that repository, log in as any user who has been granted the Manage Audit Settings privilege for the specified repository.
  4. Expand the Users and Groups node.
  5. Select the Repository Users, Repository Groups, Windows Accounts, Laserfiche Directory Accounts, or LDAP Management node. Keep in mind that a user can either inherit audit settings from the groups to which he or she belongs or auditing can be limited to the events selected for a user.
  6. Right-click the desired user or group and select Properties.
  7. Click the Auditing tab.

    Note: A collection of events may have Success already selected. These "typical" events are selected and audited by default when creating a repository. It includes all events except those that are performance intensive, unnecessarily bulk up the audit logs, and generally too specific for most organizations' needs. Click Set Typical to reselect this default collection if it has been modified.

  8. Do one of the following:
    • For the selected user or group to inherit audit event settings from the groups to which it belongs, select Group membership. Click Audit Events to see the events that will be audited for the selected user or group, based on the other groups to which they belong. Click Close to close the Audit Events dialog box. Click OK to save your settings. Go to step 12.
    • To determine which events will be audited for the selected user, select Selected events. Go to the next step.
  9. For each event group, select or clear the check box under the Success column depending on whether the event should be logged when successfully performed. For a complete list of audit events, see Audit Event Descriptions.

    Important: The Entry Listing audit event will log every time a user browses to a document, even if they do not open it. For instance, if a user opens a folder, this event will log every document that they can see in that folder, and if they perform a search, it will log every event in that search, even if they do not open any of the documents. Since this will result in a huge volume of logged events and very large audit logs, we recommend only enabling this option if your compliance policy requires you to do so.

  10. For each event group, select or clear the check box under the Failure column depending on whether the event should be logged when an unsuccessful attempt to perform it occurs. For a complete list of audit events, see Audit Event Descriptions.
  11. Click Set All to select all the events and Clear All to clear all events.
  12. Click OK.
  13. Repeat steps 6 - 12 as needed.

Note: To audit LDAP events, select Account. To audit Electronic Data events, select Entry.

Note: To run a report on Entry Listing events, select Browse Entry under View Content in the Audit Reporter.

To determine which events are logged

  1. Open the Laserfiche web client management page and sign in as any user who has been granted the Manage Audit Settings privilege for the specified repository.
  2. Navigate to the Users page or the Everyone page. On the Users page, you can further select the Users or Groups tab, depending on which type of trustee you are interested in.
  3. Select the desired user or group.
  4. Click the Auditing tab.
  5. For the selected user or group to inherit audit event settings from the groups to which it belongs, select Inherit audit settings from group membership. The events that will be audited for the selected user or group will be displayed.
  6. For each event group, select or clear the checkbox under the Success column depending on whether the event should be logged when successfully performed. For a complete list of audit events, see Audit Event Descriptions.

    Important: The Entry Listing audit event will log every time a user browses to a document, even if they do not open it. For instance, if a user opens a folder, this event will log every document that they can see in that folder, and if they perform a search, it will log every event in that search, even if they do not open any of the documents. Since this will result in a huge volume of logged events and very large audit logs, we recommend only enabling this option if your compliance policy requires you to do so.

  7. For each event group, select or clear the checkbox under the Failure column depending on whether the event should be logged when an unsuccessful attempt to perform it occurs. For a complete list of audit events, see Audit Event Descriptions.
  8. Click Save.