Audit events list

Review the list of audit events to identify the type of audit entries that are logged in the Control Room for Automation 360.

General audit entries

The following table shows a list of general audit entries and their descriptions (listed alphabetically):

Audit entries Description
Accept end user license agreement This action is logged when the user accepts the license agreement.
Activate automation This action is logged when the user activates the schedule.
Add credential This action is logged when the user creates credentials.
Add Global value This action is logged when the user creates a new global value.
Add locker This action is logged when the user creates the locker.
Add manual dependency This action is logged when the user adds manual dependency to a bot.
Add MFA token This action is logged when the user adds the MFA (multi-factor authentication) token.
Allocate license This action is logged when the user creates a user with a particular license (such as Bot Creator or Bot Runner) and when the user changes the license from Bot. This action is logged when the user creates a user with a particular license (such as Bot Creator or Bot Runner) and when the user changes the license from Bot Creator to Bot Runner and vice versa.
API-Key duration This action is logged when the user changes the duration for how long a generated API-Key is valid to authenticate users.
Audit error This action is logged when an audit error occurs.
Audit migration finished This action is logged when migration is completed.
Audit migration started This action is logged when migration is started.
Audit unset activity type This action is logged when there is an unset activity type.
Auto-login credentials not set This action is logged when auto-login credentials have not been set for the user.
Automation complete This action is logged when a schedule completes.
Automation misfired This action is logged when a scheduled activity is not trigger on time.
BOT_AGENT_BULK_INSTALLATION This action is logged when the user changes the option to generate a registration key to perform bulk installation of the Bot Agent on multiple devices.
Bot runner session This action is logged when a Bot Runner session occurs.
Bot saved This action is logged when a user saves a bot or modifies a bot that is checked in to a Git repository.
Bot sent to device This action is logged when a bot is sent to a device.
Bot sent to device failed due to configuration update This action is logged when a bot fails to be sent to a device because a device configuration update is in progress.
Bot validation setting This action is logged when a user sets the bot validation setting.
Callback request This action is logged when a callback is requested.
Callback URL validation failed This action is logged when the callback URL is invalid and does not appear on the trusted list.
Certificate authentication configuration create This action is logged when a user creates certificate authentication settings.
Certificate authentication configuration update This action is logged when a user modifies the certificate authentication configuration.
Certificate authentication TLS host configuration create This action is logged when a user creates a certificate authentication TLS host server configuration.
Certificate authentication TLS host configuration reinstall This action is logged when a user reinstalls a certificate authentication TLS host server configuration.
Certificate authentication TLS host configuration update This action is logged when a user modifies a certificate authentication TLS host server configuration.
Change settings This action is logged when the user changes any setting such as On to Off, or Off to On.
Check in This action is logged when a check in occurs.
Check in request This action is logged when a check in is requested.
Check out This action is logged when a checkout occurs.
Check out request This action is logged when a check out is requested.
Client log in This action is logged when a client logs in.
Clone This action is logged when a user clones an object.
Cloud burst mode This action is logged when a cloud burst occurs.
Cloud-enabled provisioning success This action is logged when a cloud is successfully provisioned.
Cloud-enabled provisioning failure This action is logged when cloud provisioning fails.
Configure credential vault This action is logged when a user configures a credential vault.
Connect credential vault This action is logged when a user connects a credential vault.
Control Room configurations This action is logged when a user edits general configuration settings to the Control Room.
Control Room upgrade available This action is logged when an upgrade (update) to the Control Room is available.
Control Room upgrade email notification This action is logged when an email has been sent to indicate a successful upgrade to the Control Room.
Control Room upgrade failure This action is logged when an upgrade to the Control Room has failed.
Control Room upgrade success This action is logged when an upgrade to the Control Room has completed successfully.
Create automation This action is logged when the user creates a new schedule or runs a bot with a queue in workload management.
Create bot This action is logged when the user creates a bot for the first time.
Create domain This action is logged when the user creates a new domain.
Create draft of queue This action is logged when the user saves the work item as draft in workload management.
Create folder This action is logged when the user creates a new folder.
Create learning instance This action is logged when the user creates a new learning instance.
Create package This action is logged when the user creates a new package.
Create proxy credentials This action is logged when the user creates new proxy credentials.
Create queue This action is logged when the user creates a new queue in workload management.
Create queue failed This action is logged when a queue creation fails.
Create role This action is logged when the user creates a new role.
Create user This action is logged when a new user is created.
Create work item This action is logged when new work items are added to a queue.
Create work item failed This action is logged when new work items failed to add to a queue.
Credential vault settings This action is logged when a user defines credential vault settings.
Deactivate automation This action is logged when the scheduled automation is deactivated.
Delete automation This action is logged when the user deletes the schedule.
Delete bot This action is logged when the user deletes a bot.
Delete credential This action is logged when the user deletes credentials.
Delete device This action is logged when the user deletes a device.
Delete file This action is logged when the user deletes a file.
Delete folder This action is logged when the user deletes a folder.
Delete Git settings This action is logged when the user deletes Git repository settings in the Control Room.
Delete Global value This action is logged when the user deletes the global value.
Delete learning instance This action is logged when the user deletes an existing learning instance.
Delete locker This action is logged when the user deletes a locker.
Delete MFA token This action is logged when the user deletes the MFA (multi-factor authentication) token.
Delete package

This action is logged when the user deletes a package.

Delete proxy credentials This action is logged when the user deletes proxy credentials.
Delete queue This action is logged when the user deletes the queue in workload management.
Delete queue failed This action is logged when the user fails to delete a queue.
Delete role This action is logged when the user deletes roles from the system.
Delete tenant BLM clean up This action is logged when the Bot Lifecyle Management (BLM) performs clean up for a deleted tenant.
Delete user This action is logged when the user delete users from the system.
Delete work item This action is logged when the user deletes the work item from the queue.
Delete work item failed This action is logged when the user fails to delete work items in a queue.
Deployment automation This action is logged when a bot is deployed to run.
Deployment queued This action is logged when a deployment has been queued to run.
Device acquired by user This action is logged when the device has been acquired by the user.
Device configuration update initiated This action is logged when the user initiates the device configuration update.
Device details updated This action is logged when the device details have been successfully updated.
Device not available to acquire This action is logged when the device is unavailable to be acquired by the user.
Device registered This action is logged when the user registers a device.
Device update configured This action is logged when the user changes the option to install or update the Bot Agent software.
Device type update settings This action is logged when the settings of a device type are updated.
Disable package This action is logged when the user disables a package.
Disable user This action is logged when the user disables another user in the system.
Domain credential reset This action is logged when the user resets or reconnects to the Active Directory domain from the settings page.
Download bot This action is logged when a user downloads a bot.
Download bot finished This action is logged when the Bot Store completes downloading a bot.
Download file This action is logged when a user downloads a file.
Edit bot This action is logged when the user renames a bot.
Edit domain This action is logged when the user modifies a domain.
Edit learning instance This action is logged when the user edits any of the following settings of an existing learning instance:
  • Edits the name
  • Edits or adds a description
  • Uploads staging documents
  • Adds new fields
  • Edits new group setting
  • Edits default validations groups setting
Edit role This action is logged when the user modifies a role.
Edit role - folder permissions This action is logged when a user changes the folder permissions of an existing role.
Edit settings This action is logged when the user modifies settings.
Edit user This action is logged when the user modifies another user.
Elasticsearch backup This action is logged when the user provides a backup IP address in the Elasticsearch disaster recovery backup cluster.
Elasticsearch delete index This action is logged when the user deletes an index from the Elasticsearch.
Email notification This action is logged when email notification connection or authentication fails.
Email notification settings This action is logged when the user modifies email notification settings.
Empty pools This action is logged when there are empty pool IDs.
Enable package This action is logged when the user enables a package.
Enable user This action is logged when the user enables another user in the system.
Execute automation This action is logged when the user executes a bot.
Export bots This action is logged when the user exports bots and is available for download on the Historical activity page.
Export domain This action is logged when the user exports any of the domains from the IQ Bot application.
Export learning instance This action is logged when the user exports a learning instance ( .iqba file) through the migration utility.
Export queue This action is logged when the user exports a queue from workload management.
Export request This action is logged when the user submits a request to export automations.
Export to csv This action is logged when the user exports data to a csv.
Failed to acquire user or device This action is logged when the device or user is unavailable to be acquired.
Failsafe status updated This action is logged when a failsafe status has been updated.
File upload settings This action is logged when the user changes the file upload settings to restrict or allow the upload of executable files to a malicious file upload.
First Administrator settings This action is logged when a user configures the first Administrator user in the Control Room.
Force unlock bot This action is logged when a user unlocks a bot.
GDPR report This action is logged when a user enables GDPR (General Data Protection Regulation) reporting.
Generate API-Key This action is logged when an Admin user generates an API key from the My Settings page, which can be used to obtain an authentication token. This audit entry shows the generate API key status as either Successful or Unsuccessful.
Git push This action is logged when the user synchronizes information between the built-in Git repository and the remote Git host.
Git restore This action is logged when the user restores all of their bots and associated dependent files from the Git repository to a new database.
Git restore abort This action is logged when the user aborts (cancels) to restore all of their bots and associated dependent files from the Git repository to a new database.
Git restore reset This action is logged when the user resets to restore all of their bots and associated dependent files from the Git repository to a new database.
Import bot This action is logged when the user imports a bot.
Import domain This action is logged when the user imports any new domains to IQ Bot
Import learning instance This action is logged when the user imports a learning instance ( .iqba file) through the migration utility.
Import queue This action is logged when the user imports a queue into workload management.
Import request This action is logged when the user generates an import request.
Install license This action is logged when the user installs or changes the license from the license page.
IP address access This action is logged when the IP address has been accessed.
License migration This action is logged when a license is migrated to another user.
License mode change This action is logged when the user changes the license mode.
Load work items from file This action is logged when the user selects a CSV or Excel file and uploads the work item in a queue.
Log in banner settings This action is logged when an Admin configures banner text to display on the login page of the Control Room.
Migration finished This action is logged when a migration completes.
Migration started This action is logged when a migration begins.
Move automation to history This action is logged when the user moves the selected activity to the Historical page.
Move file This action is logged when a user moves any type of file (process automation, bot, and so on) from one folder or path to another folder or path.
No access to pool This action is logged when a user has no access to a device pool.
Override Global value This action is logged when users override a global value with their own private value.
Password settings This action is logged when an Admin configures password settings for the Control Room.
Read credential This action is logged when the logged-in user accesses the credentials of another user for which they do not have permission for because the user is not a consumer for the credential or a credential owner.
Read locker This action is logged when the logged-in user accesses the locker of another user for which they do not have permission because they are not part of a locker as a member (owner, manager, participant, or consumer).
Register app This action is logged when the user configures IQ Bot.
Release license This action is logged when the user changes the license from Bot Runner to Bot Creator or Admin.
Release user license This action is logged when the user changes the user license.
Remove manual dependency This action is logged when the manual dependency is removed from a bot.
Rename folder This action is logged when the user renames the folder.
Resend email verification This action is logged when the email is resent for verification.
Reset password This action is logged when the user resets the password.
Revert checkout This action is logged when the user reverts a previous check out action.
Rollback This action is logged when the user rolls back to a previous version.
Run as user in use This action is logged when the user runs a bot as the user using the bot.
Run as user invalid This action is logged when a user who tries to run aand use the bot is invalid.
Run automation This action is logged when the user runs an automation.
Save allowed IP addresses This action is logged when the allowed IP addresses have been saved.
Schedule misfired This action is logged when the Control Room services starts or the server is available after more than 15 minutes of scheduled deployment time.
Security Settings - External key Vault - Configuration For cloud deployments, this action is logged when a user makes a change to the external key vault configuration. Automation Anywhere supports these external key vaults: AWS Secrets Manager, Azure Key Vault, and CyberArk. This audit entry shows the status as either Successful or Unsuccessful.
Security Settings - Network settings This action is logged when the user changes the configuration of the allowed IP address from where the authentication is restricted.
Send bot to production This action is logged when the user moves the bot from staging to production.
Send bot to staging This action is logged when the user moves the bot from production to staging.
Send email This action is logged when an email is sent.
Send learning instance to production This action is logged when the user moves the learning instance from staging to production.
Send learning instance to staging This action is logged when the user moves the learning instance from production to staging.
Session timeout settings This action is logged when the settings of a session timeout is reached.
Set default device This action is logged when the user sets the default device.
Set device credentials This action is logged when the user sets the device credentials.
Set Git settings This action is logged when the user sets remote Git repository settings in the Control Room.
Sync license This action is logged when a license is synced.
SysLog Configuration For on-premises deployments, this action is logged when a user adds, edits, or deletes Syslog server configuration. This audit entry shows the Control Room server recording the status as either Successful or Unsuccessful.
Temporary devices cleanup job This action is logged when the temporary device runs its cleanup job.
Test proxy connectivity This action is logged when proxy connectivity is tested.
Time out This action is logged when an operation times out.
Train bot This action is logged when the user creates a training bot.
Transfer credential ownership This action is logged when the locker admin transfers the ownership of the credentials.
Trigger bot run This action is logged when a bot runs due to a trigger.
Trigger bot run fail This action is logged when a bot fails to run due to a trigger.
Trigger delete This action is logged when a trigger is deleted.
Trigger delete failed This action is logged when the deletion of a trigger fails.
Trusted CA key store update This action is logged when a user modifies the trusted CA key store for certificate authentication.
Unable to send bot device This action is logged when a bot fails to be sent to a device.
Undo checkout This action is logged when the user reverses a check out.
Unlock credential vault This action is logged when the user unlocks the credential vault.
Unset default device This action is logged when the user changes the default device.
Update app registration This action is logged when the IQ Bot URL is updated in the settings page.
Update automation This action is logged when the user edits the schedule automation.
Update callback URL failed This action is logged when the callback URL list has failed to update.
Update callback URL successful This action is logged when the callback URL list has been updated successfully.
Update credential This action is logged when the user modifies the credentials.
Update device auto download packages This action is logged when the device updates its auto download packages settings.
Update device credentials This action is logged when the device updates its credentials.
Update device general settings This action is logged when the device updates its general settings.
Update device log settings This action is logged when the device updates its log settings.
Update device RDP settings This action is logged when the device updates its RDP (Remote Desktop Protocol) settings.
Update device resolution settings This action is logged when the device updates its resolution settings.
Update Git settings This action is logged when the user updates remote Git repository settings in the Control Room.
Update Global value This action is logged when the user updates an existing public global value.
Update locker This action is logged when the user modifies the lockers.
Update MFA role This action is logged when the user modifies the MFA (multi-factor authentication) role.
Update MFA settings This action is logged when the user modifies the MFA (multi-factor authentication) settings.
Update MFA token This action is logged when the user modifies the MFA (multi-factor authentication) token.
Update MFA user This action is logged when the user modifies the two-factor authentication for a user.
Update package This action is logged when the user updates an existing package.
Update package settings This action is logged when the user updates any package settings.
Update proxy credentials This action is logged when the user updates existing proxy credentials.
Update queue This action is logged when the user updates the existing queue (for example, adding new work items to the same queue).
Update queue failed This action is logged when the user fails to update the existing queue (for example, adding new work items to the same queue).
Update settings This action is logged when the user updates any setting in Control Room.
Update temporary devices auto delete settings This action is logged when the temporary device updates its auto delete settings.
Update work item This action is logged when the user edits a work item.
Update work item failed This action is logged when work items fail to update.
UPDATE_DEVICE_ADVANCED_OPTIONS_SETTINGS This action is logged when the user changes the device environment settings such as: global cache location, auto-login timeout duration, and so on.
UPDATE_DEVICE_THRESHOLD_SETTINGS This action is logged when the user changes enables or disables the threshold settings such as: CPU utilization, device memory threshold values, and so on.
UPDATE_DEVICE_LOG_SETTINGS This action is logged when the user changes the log collection settings such as: log collection, log size, and so on.
UPDATE_GLOBAL_AUTO_LOGIN_SETTINGS This action is logged when the user changes the auto-login settings in the Control Room to either create user sessions, or reuse existing user sessions to reduce the bot startup time.
Upload This action is logged when a user imports a file.
Upload bot This action is logged when a user uploads a bot.
Upload document This action is logged when a user uploads a document.
Upload file This action is logged when a user uploads a file.
Upload package This action is logged when the user uploads a package.
Upload work items file This action is logged when the user updates a queue and adds work items.
User Authentication configuration This action is logged when the user changes the Control Room database or SAML user authentication configuration.
User multiple log in This action is logged when the user logs in to the Control Room from different browsers with the same username.
User log in This action is logged when the user logs in to the Control Room.
User log out This action is logged when the user logs out of the Control Room.
Validate learning instance This action is logged when the user validates (either corrects the document and saves it or invalidates the document) a document in the validator of a learning instance.
Version control settings This action is logged when the user updates any version control settings.
Websocket proxy connection failure This action is logged when the websocket proxy connection fails.

Active Directory audit entries

The following table shows the list of Active Directory audit entries and their descriptions (listed alphabetically):

Audit entries Description
AD allowed domain not set This action is logged when a user or an existing mapping belongs to one or more domains.

Manage Active Directory role mapping

AD allowed domain set
  • This action is logged when the user adds a domain to the allowed domains list.
  • This action is logged when the user removes a domain from the allowed domains list.

Manage domain

AD default domain set This action is logged when the user configures a domain as the default domain.

Manage domain

AD group mapping created This action is logged when the user creates an Active Directory role mapping.
AD group mapping deleted This action is logged when the user deletes an Active Directory role mapping.
AD group mapping updated This action is logged when the user updates an Active Directory role mapping.
AD sync role empty This action is logged when an Active Directory role assigned with sync operations is empty.
AD sync role conflict This action is logged when an Active Directory role assigned with sync operations is in conflict with another role.
AD sync role system assigned This action is logged when new Active Directory roles are assigned with sync operations.
AD sync role system deleted This action is logged when Active Directory roles are deleted with sync operations.
AD sync role system updated This action is logged when Active Directory roles are updated with sync operations.
AD sync user count This action is logged when the Active Directory user counts are synced.
AD sync user deleted This action is logged when the Active Directory synced users are deleted.
AD sync user out of license This action is logged when the Active Directory synced users run out of available licenses.

Automation Co-Pilot for Business Users (Automation Co-Pilot) audit entries

The entry shows the status of events relating to requests, teams, scheduler, process setups, bot setups, human tasks, and bot tasks that you have created, deleted, updated, submitted, or recovered.
Audit log entry Success
Automation Co-Pilot Team
  • When a team is created by a user
  • When a team is edited by a user
  • When a team is deleted by a user
Automation Co-Pilot Request
  • When a request is deleted by a user
  • When a request is recycled by a user
  • When a request is recovered by a user
Automation Co-Pilot Human Task
  • When a task is edited by a user
  • When a task is submitted by a user
  • When a task is canceled by a user
  • When a task is assigned by a user to another user
  • When a task is canceled (using a cancel type of action by a user or by a bot (AARI Web package))
Automation Co-Pilot Bot Task When the process launched a bot task
Automation Co-Pilot Process
  • When a process is created
  • When a process is edited by a user
Automation Co-Pilot Bot Setup
  • When a new bot is added to the bot setup management
  • When the bot setup management is modified
  • When a bot is deleted by a user
Process Scheduler When the scheduler configuration is modified

Bot Insight audit entries

The following table shows the list of Bot Insight audit entries and their descriptions (listed alphabetically):

Audit entries Description
Bot Insight add user dashboard This action is logged when a new user dashboard is added to Bot Insight.
Bot Insight BLM dashboard export This action is logged when a user exports a BLM (Bot Lifecycle Management) dashboard from Bot Insight.
Bot Insight BLM dashboard import This action is logged when a user imports a BLM (Bot Lifecycle Management) dashboard into Bot Insight.
Bot Insight create dashboard This action is logged when a user creates a dashboard in Bot Insight.
Bot Insight copy dashboard This action is logged when a user copies a dashboard in Bot Insight.
Bot Insight delete dashboard This action is logged when a user deletes a dashboard from Bot Insight.
Bot Insight delete user dashboard This action is logged when a user dashboard is deleted from Bot Insight.
Bot Insight end task This action is logged when a task ends in Bot Insight.
Bot Insight get task data This action is logged when task data is retrieved in Bot Insight.
Bot Insight get user dashboards This action is logged when user dashboards are retrieved in Bot Insight.
Bot Insight load dashboard This action is logged when a user loads a dashboard in Bot Insight.
Bot Insight operations This action is logged when operations occur in Bot Insight.
Bot Insight publish dashboard This action is logged when a user publishes a dashboard in Bot Insight.
Bot Insight registers dashboard This action is logged when a user registers a dashboard in Bot Insight.
Bot Insight run data This action is logged when data runs in Bot Insight.
Bot Insight save dashboard This action is logged when a user saves a dashboard in Bot Insight.
Bot Insight search dashboard This action is logged when a user searches a dashboard in Bot Insight.
Bot Insight start task This action is logged when a task starts in Bot Insight.
Bot Insight update dashboard This action is logged when a user updates a dashboard in Bot Insight.
Bot Insight profile update This action is logged when a user updates a data profile in Bot Insight.

Bot life cycle audit logs

The entry shows the status of each stage of the bot life cycle.
Audit log entry Success Failure
Create automation Bot was sent to the control room and was successfully compiled. Check if the Control Room is up and running.
Bot Sent To Device Control Room deployed the bot successfully on the specified device. Possible reasons for failure entry include:
  • Check if you have configured the Node manager on the corresponding device correctly.
  • Check for the app Automation Anywhere Bot Manager in Add Remove Programs or in Control Panel > Uninstall a program. Try to reinstall by uninstalling and downloading the app again.
  • Try to reinstall by uninstalling and downloading the app again from Device Manager.
  • Ensure the device auto log in details are set correctly.
Run bot Deployed The bot has started on the specified device. Possible reasons for failure entry include:
  • Check if you have configured the Node manager on the corresponding device correctly.
  • Check for app Automation Anywhere Bot Manager in Add Remove Programs or in Control Panel > Uninstall a program.
  • Try to reinstall by uninstalling and downloading the app again from Device Manager.
  • Ensure device auto log in details are set correctly.
Run bot finished Bot execution completed successfully. Possible reasons for failure entry include:
  • Check for the bot execution progression in Activity In progress.
  • Check the code at the line where activity log has been paused for errors.
  • If it has paused at a message box, minimize all windows and check if the message box is in the background.
Bot Runner Session Continued Control Room deploys the Task Bots in a sequence for the same RDP session.
Bot Runner Session Released When a task successfully completes the execution.
Download file Downloading to the Control Room.
Upload file Uploading a file to the Control Room.
Bot Runner Session Control Room gets the RDP session of Bot Runner machine.

Bot Store audit entries

The following table shows the list of Bot Store audit entries and their descriptions (listed alphabetically):

Audit entries Description
Bot Store add to My bots This action is logged when a user adds a bot to their My bots.
Bot Store clean up This action is logged when clean up is performed for a deleted tenant.
Bot Store download This action is logged when a user starts to download a bot from the Bot Store.
Bot Store log in This action is logged when a user logs in to the Bot Store.
Bot Store submit bots This action is logged when a user submits bots to the Bot Store.

Code analysis audit entries

The following table shows the list of code analysis audit entries and their descriptions (listed alphabetically):

Audit entries Description
Automated code analysis completed This action is logged when automated code analysis completes.
Automated code analysis started This action is logged when automated code analysis starts.
Policy added This action is logged when a user adds a new code analysis policy in the Policy Manager page.
Policy deleted This action is logged when a user deletes a code analysis policy in the policy manager page.
Policy folder added This action is logged when a user creates a policy assignment to a folder in the policy manage page.
Policy folder removed This action is logged when a user deletes a policy assignment to a folder in the policy manage page.
Policy updated This action is logged when a user modifies and saves a code analysis policy in the policy manage page.
Run automated code analysis This action is logged when automated code analysis starts and when automated code analysis completes.
Run code analysis This action is logged when a user performs the following actions:
  • Runs code analysis from the automation page.
  • Opens an automation file in the Bot editor.
  • Saves an automation file in the Bot editor

Device pool audit entries

The following table shows the list of device pool audit entries and their descriptions (listed alphabetically):

Audit entries Description
Device pool created This action is logged when the user successfully creates a new device pool.
Device pool creation failed This action is logged when the user fails to create a device pool.
Device pool deleted This action is logged when the user successfully deletes a device pool.
Device pool deletion failed This action is logged when the user fails to delete a device pool.
Device pool update failed This action is logged when the user fails to update an existing device pool.
Device pool updated This action is logged when the user edits an existing device pool (for example, add a new device or add a new customer role).

Device update audit entries

The following table shows the list of device update audit entries and their descriptions (listed alphabetically):

Audit entries Description
Device update acknowledged This action is logged when the device update has been acknowledged.
Device update already in progress This action is logged when the device update is already in progress.
Device update completed This action is logged when the device update has completed.
Device update disconnected This action is logged when the device update has been disconnected.
Device update downloaded This action is logged when the device update has been downloaded.
Device update failed and max retry reached This action is logged when the device update has failed after the maxiumum number of retries has been reached.
Device update failed and max retry reset reached This action is logged when the device update has failed but device will continue to retry the update.
Device update initiated This action is logged when the user initiates the device update.
Device update settings This action is logged when the settings of a device are updated.
Device update started This action is logged when the device update has started.
Device update unavailable This action is logged when the device update has already occurred and been updated.
Device update unsuccessful This action is logged when the device update has been unsuccessful.
Device update waiting for deployments to complete This action is logged when the device update is waiting for deployments to complete.

Discovery bot audit entries

The following table shows the list of Discovery bot audit entries and their descriptions (listed alphabetically):

Audit entries Description
Discovery bot cancel recording This action is logged when the discovery bot successfully cancels a recording.
Discovery bot convert to bot This action is logged when the discovery bot successfully converts to a bot.
Discovery bot create aggregated recording This action is logged when the discovery bot successfully creates a new aggregated recording.
Discovery bot create opportunity This action is logged when the discovery bot successfully creates a new opportunity.
Discovery bot create process This action is logged when the discovery bot successfully creates a new process.
Discovery bot create process assignment This action is logged when the discovery bot successfully creates a new process assignment.
Discovery bot create project This action is logged when the discovery bot successfully creates a new project.
Discovery bot create recording This action is logged when the discovery bot successfully creates a new recording.
Discovery bot create recording step This action is logged when the discovery bot successfully creates a new recording step.
Discovery bot create recording step metadata This action is logged when the discovery bot successfully creates metadata for a new recording step.
Discovery bot delete aggregated recording This action is logged when the discovery bot sucessfully deletes an aggregated recording.
Discovery bot delete opportunity This action is logged when the discovery bot successfully deletes an opportunity.
Discovery bot delete process This action is logged when the discovery bot successfully deletes a process.
Discovery bot delete process assignment This action is logged when the discovery bot successfully deletes a process assignment.
Discovery bot delete project This action is logged when the discovery bot successfully deletes a project.
Discovery bot delete recording This action is logged when the discovery bot successfully deletes a recording.
Discovery bot delete recording step This action is logged when the discovery bot successfully deletes a recording step.
Discovery bot delete recording step metadata This action is logged when the discovery bot successfully deletes metadata for a recording step.
Discovery bot export opportunity This action is logged when the discovery bot exports an opportunity.
Discovery bot migrate opportunity This action is logged when the discovery bot migrates an opportunity.
Discovery bot update aggregated recording This action is logged when the discovery bot edits an existing aggregated recording.
Discovery bot update aggregated recording json This action is logged when the discovery bot edits an existing aggregated recording using json.
Discovery bot update opportunity This action is logged when the discovery bot edits an existing opportunity.
Discovery bot update process This action is logged when the discovery bot edits an existing process.
Discovery bot update process assignment This action is logged when the discovery bot edits an existing process assignment.
Discovery bot update project This action is logged when the discovery bot edits an existing project.
Discovery bot update recording This action is logged when the discovery bot edits an existing recording.
Discovery bot update recording step This action is logged when the discovery bot edits an existing recording step.
Discovery bot update recording step metadata This action is logged when the discovery bot edits metadata for an existing recording step.

External key vault audit log

For cloud deployments, the External key vault configuration audit entry shows the type of external key vault configured (if any). Automation Anywhere supports these external key vaults:
  • AWS Secrets Manager
  • Azure Key Vault
  • CyberArk Password Vault
Based on the type of external key vault configured, the external key vault configuration details shows different attributes and their values.
Audit log entry External key vault User action Configuration details shows these attributes and their values
External key vault configuration AWS Secrets Manager Adds a new AWS Secrets Manager when there was previously no external key vault.
  • External key vault value: Changes from no external key vault to AWS Secrets Manager.
  • AWS Secrets Manager value is Enabled
  • Region value is set to (for example) us-east-1
CyberArk Adds a new CyberArk Password Vault when there was previously no external key vault.
  • External key vault value: Changes from no external key vault to CyberArk.
  • CyberArk value is Enabled
  • Vault URL is the CyberArk AIM server CCP API URL and is set to (for example) https://<hostname:port_num>/
  • Application ID is the CCP API AppID and is set to (for example) AAEControlRoom
Azure Key vault Adds a new Azure Key vault when there was previously no external key vault.
  • External key vault value: Changes from no external key vault to Azure Key vault.
  • Azure Key vault value is Enabled
  • Vault URL is the Azure Key Vault URL and is set to (for example) https://user-db-vault.vault.azure.net/
  • Client ID is the (application) ID of an App Registration in the tenant and is set to (for example)536145
  • Tenant ID is the Azure Active Directory tenant (directory) ID and is set to (for example)89D12L
External key vault configuration Change from AWS Secrets Manager to CyberArk User changes from one external key vault to another type. External key vault value changes from AWS Secrets Manger to CyberArk

OAuth connection audit entries

The following table shows the list of OAuth connection audit entries and their descriptions (listed alphabetically):

Audit entries Description
Bulk delete OAuth connection This action is logged when multiple OAuth connections are deleted simultaneously.
Create OAuth connection This action is logged when an OAuth connection is successfully created.
Delete OAuth connection This action is logged when an OAuth connection is successfully deleted.
Update OAuth connection This action is logged when an OAuth connection is successfully updated.

Run bot audit entries

The following table shows the list of run bot audit entries and their descriptions (listed alphabetically):

Audit entries Description
Run bot disconnected This action is logged when a user disconnects a running bot.
Run bot finished This action is logged when a running bot finishes.
Run bot paused This action is logged when a user pauses a running bot.
Run bot pre process failed This action is logged when the pre-process to run the bot fails.
Run bot reconnected This action is logged when a user re-connects a running bot.
Run bot resumed This action is logged when a previously paused bot resumes to run.
Run bot stopped This action is logged when a user stops a running bot.

Run bot local audit entries

The following table shows the list of run bot local audit entries and their descriptions (listed alphabetically):

Audit entries Description
Run bot local hotkey finished This action is logged when a running bot for a local hotkey finishes.
Run bot local hotkey paused This action is logged when a running bot for a local hotkey pauses.
Run bot local hotkey resumed This action is logged when a running bot for a local hotkey resumes.
Run bot local hotkey started This action is logged when a running bot for a local hotkey starts.
Run bot local hotkey stopped This action is logged when a running bot for a local hotkey stops.
Run bot local hotkey suspended This action is logged when a running bot for a local hotkey is suspended.
Run bot local schedule finished This action is logged when a running bot for a local schedule finishes.
Run bot local schedule paused This action is logged when a running bot for a local schedule pauses.
Run bot local schedule resumed This action is logged when a running bot for a local schedule resumes.
Run bot local schedule started This action is logged when a running bot for a local schedule starts.
Run bot local schedule stopped This action is logged when a running bot for a local schedule stops.
Run bot local schedule suspended This action is logged when a running bot for a local schedule is suspended.
Run bot local triggger finished This action is logged when a running bot for a local triggger finishes.
Run bot local triggger paused This action is logged when a running bot for a local triggger pauses.
Run bot local triggger resumed This action is logged when a running bot for a local triggger resumes.
Run bot local triggger started This action is logged when a running bot for a local triggger starts.
Run bot local triggger stopped This action is logged when a running bot for a local triggger stops.
Run bot local triggger suspended This action is logged when a running bot for a local triggger is suspended.

Run logic local audit entries

The following table shows the list of run logic local audit entries and their descriptions (listed alphabetically):

Audit entries Description
Run logic local client finished This action is logged when running logic for a local client finishes.
Run logic local client paused This action is logged when running logic for a local client pauses.
Run logic local client resumed This action is logged when running logic for a local client resumes.
Run logic local client started This action is logged when running logic for a local client starts.
Run logic local client stopped This action is logged when running logic for a local client stops.
Run logic local client suspended This action is logged when running logic for a local client is suspended.

Run workflow local audit entries

The following table shows the list of run workflow local audit entries and their descriptions (listed alphabetically):

Audit entries Description
Run workflow local client finished This action is logged when running a workflow for a local client finishes.
Run workflow local client started This action is logged when running a workflow for a local client starts.
Run workflow local client stopped This action is logged when running a workflow for a local client stops.
Run workflow local schedule finished This action is logged when running a workflow for a local schedule finishes.
Run workflow local schedule started This action is logged when running a workflow for a local schedule starts.
Run workflow local schedule stopped This action is logged when running a workflow for a local schedule stops.
Run workflow local trigger finished This action is logged when running a workflow for a local trigger finishes.
Run workflow local trigger started This action is logged when running a workflow for a local trigger starts.
Run workflow local trigger stopped This action is logged when running a workflow for a local trigger stops.

Schedule bot audit entries

The following table shows the list of schedule bot audit entries and their descriptions (listed alphabetically):

Audit entries Description
Schedule bot disconnected This action is logged when a scheduled bot is disconnected.
Schedule bot ended This action is logged when a scheduled bot ends.
Schedule bot paused This action is logged when a scheduled bot pauses.
Schedule bot reconnected This action is logged when a scheduled bot is reconnected.
Schedule bot resumed This action is logged when a scheduled bot resumes.
Schedule bot stopped This action is logged when a scheduled bot stops.

Syslog audit log

For on-premises deployments, the SysLog Configuration audit entry shows the Control Room server status when adding, editing, or deleting the system configuration. The Syslog details shows these attributes and their values:
  • Syslog Server Hostname: Full qualified domain name (FQDN) or the IP address of the Syslog server used to deliver the log reports
  • Port: Port used by the remote Syslog server to receive incoming Syslog records
  • Protocol: TCP or UDP
  • Use Secure Connection: TLS encrypted channel used to send Syslog records to the remote Syslog server
Audit log entry Status User action SysLog details shows these attributes and their values
SysLog Configuration Successful Adds new values to an existing server
  • Syslog Server Hostname
  • Port
  • Protocol
  • Use Secure Connection

For example: MyServer1.aa.com, 468, TCP, Enabled

Successful Adds new values to multiple servers
  • Syslog Server Hostname
  • Port
  • Protocol
  • Use Secure Connection

For example: MyServer1.aa.com, 468, TCP, Enabled

MyServer2.aa.com, 333, TCP, Disabled

Successful Edits existing server
  • Syslog Server Hostname
  • Port
  • Protocol
  • Use Secure Connection

For example: Old ValueMyServer1.aa.com, 468, TCP, Enabled

New Value MyServer123.aa.com, 514, UDP, Disabled

Successful Deletes existing server
  • Syslog Server Hostname
  • Port
  • Protocol
  • Use Secure Connection

For example: MyServer1.aa.com, 468, TCP, Enabled

SysLog Configuration Unsuccessful User attempted to save the system configuration; however, the Control Room was not able to save the configuration. For an unsuccessful status, you can use the results to troubleshoot the issue. Examples: Invalid Protocol, or Could not save SysLog settings. Invalid Host.