Automation 360

Audit events list

Download as PDF

Audit events list

Download as PDF

Updated: 2025/01/08

Review the list of audit events to identify the type of audit entries that are logged in the Control Room for Automation 360.

General audit entries

The following table shows a list of general audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Accept end user license agreement	This action is logged when the user accepts the license agreement.
Activate automation	This action is logged when the user activates the schedule.
Add credential	This action is logged when the user creates credentials.
Add Global value	This action is logged when the user creates a new global value.
Add locker	This action is logged when the user creates the locker.
Add manual dependency	This action is logged when the user adds manual dependency to a bot.
Add MFA token	This action is logged when the user adds the MFA (multi-factor authentication) token.
Allocate license	This action is logged when the user creates a user with a particular license (such as Bot Creator or Bot Runner) and when the user changes the license from Bot. This action is logged when the user creates a user with a particular license (such as Bot Creator or Bot Runner) and when the user changes the license from Bot Creator to Bot Runner and vice versa.
API-Key duration	This action is logged when the user changes the duration for how long a generated API-Key is valid to authenticate users.
Audit error	This action is logged when an audit error occurs.
Audit migration finished	This action is logged when migration is completed.
Audit migration started	This action is logged when migration is started.
Audit unset activity type	This action is logged when there is an unset activity type.
Auto-login credentials not set	This action is logged when auto-login credentials have not been set for the user.
Automation complete	This action is logged when a schedule completes.
Automation misfired	This action is logged when a scheduled activity is not trigger on time.
BOT_AGENT_BULK_INSTALLATION	This action is logged when the user changes the option to generate a registration key to perform bulk installation of the Bot Agent on multiple devices.
Bot runner session	This action is logged when a Bot Runner session occurs.
Bot saved	This action is logged when a user saves a bot or modifies a bot that is checked in to a Git repository.
Bot sent to device	This action is logged when a bot is sent to a device.
Bot sent to device failed due to configuration update	This action is logged when a bot fails to be sent to a device because a device configuration update is in progress.
Bot validation setting	This action is logged when a user sets the bot validation setting.
Callback request	This action is logged when a callback is requested.
Callback URL validation failed	This action is logged when the callback URL is invalid and does not appear on the trusted list.
Certificate authentication configuration create	This action is logged when a user creates certificate authentication settings.
Certificate authentication configuration update	This action is logged when a user modifies the certificate authentication configuration.
Certificate authentication TLS host configuration create	This action is logged when a user creates a certificate authentication TLS host server configuration.
Certificate authentication TLS host configuration reinstall	This action is logged when a user reinstalls a certificate authentication TLS host server configuration.
Certificate authentication TLS host configuration update	This action is logged when a user modifies a certificate authentication TLS host server configuration.
Check in	This action is logged when a check in occurs.
Check in request	This action is logged when a check in is requested.
Check out	This action is logged when a checkout occurs.
Check out request	This action is logged when a check out is requested.
Client log in	This action is logged when a client logs in.
Clone	This action is logged when a user clones an object.
Cloud burst mode	This action is logged when a cloud burst occurs.
* Cloud-enabled provisioning success	This action is logged when a cloud is successfully provisioned
* Cloud-enabled provisioning failure	This action is logged when cloud provisioning fails.
Configure credential vault	This action is logged when a user configures a credential vault.
Connect credential vault	This action is logged when a user connects a credential vault.
Control Room configurations	This action is logged when a user edits general configuration settings to the Control Room.
Control Room upgrade available	This action is logged when an update to the Control Room is available.
Control Room upgrade email notification	This action is logged when an email has been sent to indicate a successful upgrade to the Control Room.
Control Room upgrade failure	This action is logged when an upgrade to the Control Room has failed.
Control Room upgrade success	This action is logged when an upgrade to the Control Room has completed successfully.
Create automation	This action is logged when the user creates a new schedule or runs a bot with a queue in workload management.
Create bot	This action is logged when the user creates a bot for the first time.
Create domain	This action is logged when the user creates a new domain.
Create draft of queue	This action is logged when the user saves the work item as draft in workload management.
Create folder	This action is logged when the user creates a new folder.
Create learning instance	This action is logged when the user creates a new learning instance.
Create package	This action is logged when the user creates a new package.
Create proxy credentials	This action is logged when the user creates new proxy credentials.
Create queue	This action is logged when the user creates a new queue in workload management.
Create queue failed	This action is logged when a queue creation fails.
Create role	This action is logged when the user creates a new role.
Create user	This action is logged when a new user is created.
Create work item	This action is logged when new work items are added to a queue.
Create work item failed	This action is logged when new work items failed to add to a queue.
Credential vault settings	This action is logged when a user defines credential vault settings.
Deactivate automation	This action is logged when the scheduled automation is deactivated.
Delete automation	This action is logged when the user deletes the schedule.
Delete bot	This action is logged when the user deletes a bot.
Delete credential	This action is logged when the user deletes credentials.
Delete device	This action is logged when the user deletes a device.
Delete file	This action is logged when the user deletes a file.
Delete folder	This action is logged when the user deletes a folder.
Delete Git settings	This action is logged when the user deletes Git repository settings in the Control Room.
Delete Global value	This action is logged when the user deletes the global value.
Delete learning instance	This action is logged when the user deletes an existing learning instance.
Delete locker	This action is logged when the user deletes a locker.
Delete MFA token	This action is logged when the user deletes the MFA (multi-factor authentication) token.
Delete package	This action is logged when the user deletes a package.
Delete proxy credentials	This action is logged when the user deletes proxy credentials.
Delete queue	This action is logged when the user deletes the queue in workload management.
Delete queue failed	This action is logged when the user fails to delete a queue.
Delete role	This action is logged when the user deletes roles from the system.
Delete tenant BLM clean up	This action is logged when the Bot Lifecyle Management (BLM) performs clean up for a deleted tenant.
Delete user	This action is logged when the user delete users from the system.
Delete work item	This action is logged when the user deletes the work item from the queue.
Delete work item failed	This action is logged when the user fails to delete work items in a queue.
Deployment automation	This action is logged when a bot is deployed to run.
Deployment queued	This action is logged when a deployment has been queued to run.
Device acquired by user	This action is logged when the device has been acquired by the user.
Device configuration update initiated	This action is logged when the user initiates the device configuration update.
Device details updated	This action is logged when the device details have been successfully updated.
Device disconnected	This action is logged when the device update has been disconnected.
Device not available to acquire	This action is logged when the device is unavailable to be acquired by the user.
Device registered	This action is logged when the user registers a device.
Device update configured	This action is logged when the user changes the option to install or update the Bot Agent software.
Device type update settings	This action is logged when the settings of a device type are updated.
Disable package	This action is logged when the user disables a package.
Disable user	This action is logged when the user disables another user in the system.
Domain credential reset	This action is logged when the user resets or reconnects to the Active Directory domain from the settings page.
Download bot	This action is logged when a user downloads a bot.
Download bot finished	This action is logged when the Bot Store completes downloading a bot.
Download file	This action is logged when a user downloads a file.
Edit bot	This action is logged when the user renames a bot.
Edit domain	This action is logged when the user modifies a domain.
Edit learning instance	This action is logged when the user edits any of the following settings of an existing learning instance: Edits the name Edits or adds a description Uploads staging documents Adds new fields Edits new group setting Edits default validations groups setting
Edit role	This action is logged when the user modifies a role.
Edit role - folder permissions	This action is logged when a user changes the folder permissions of an existing role.
Edit user	This action is logged when the user modifies another user.
Elasticsearch backup	This action is logged when the user provides a backup IP address in the Elasticsearch disaster recovery backup cluster.
Elasticsearch delete index	This action is logged when the user deletes an index from the Elasticsearch.
Email notification	This action is logged when email notification connection or authentication fails.
Email notification settings	This action is logged when the user modifies email notification settings.
Empty pools	This action is logged when there are empty pool IDs.
Enable package	This action is logged when the user enables a package.
Enable user	This action is logged when the user enables another user in the system.
Execute automation	This action is logged when the user executes a bot.
Export bots	This action is logged when the user exports bots and is available for download on the Historical activity page.
Export domain	This action is logged when the user exports any of the domains from the IQ Bot application.
Export learning instance	This action is logged when the user exports a learning instance ( `.iqba file`) through the migration utility.
Export queue	This action is logged when the user exports a queue from workload management.
Export request	This action is logged when the user submits a request to export automations.
Export to csv	This action is logged when the user exports data to a csv.
Failed to acquire user or device	This action is logged when the device or user is unavailable to be acquired.
Failsafe status updated	This action is logged when a failsafe status has been updated.
File upload settings	This action is logged when the user changes the file upload settings to restrict or allow the upload of executable files to a malicious file upload.
First Administrator settings	This action is logged when a user configures the first Administrator user in the Control Room.
Force unlock bot	This action is logged when a user unlocks a bot.
GDPR report	This action is logged when a user enables GDPR (General Data Protection Regulation) reporting.
Generate API-Key	This action is logged when an Admin user generates an API key from the My Settings page, which can be used to obtain an authentication token. This audit entry shows the generate API key status as either Successful or Unsuccessful.
Git push	This action is logged when the user synchronizes information between the built-in Git repository and the remote Git host.
Git restore	This action is logged when the user restores all of their bots and associated dependent files from the Git repository to a new database.
Git restore abort	This action is logged when the user aborts (cancels) to restore all of their bots and associated dependent files from the Git repository to a new database.
Git restore reset	This action is logged when the user resets to restore all of their bots and associated dependent files from the Git repository to a new database.
Import bot	This action is logged when the user imports a bot.
Import domain	This action is logged when the user imports any new domains to IQ Bot.
Import learning instance	This action is logged when the user imports a learning instance ( `.iqba file`) through the migration utility.
Import queue	This action is logged when the user imports a queue into workload management.
Import request	This action is logged when the user generates an import request.
Install license	This action is logged when the user installs or changes the license from the license page.
IP address access	This action is logged when the IP address has been accessed.
License migration	This action is logged when a license is migrated to another user.
License mode change	This action is logged when the user changes the license mode.
Load work items from file	This action is logged when the user selects a CSV or Excel file and uploads the work item in a queue.
Log in banner settings	This action is logged when an Admin configures banner text to display on the login page of the Control Room.
Migration finished	This action is logged when a migration completes.
Migration started	This action is logged when a migration begins.
Move activity to history (user)	This action is logged when the user moves the selected activity to the Historical page.
Move file	This action is logged when a user moves any type of file (process automation, bot, and so on) from one folder or path to another folder or path.
No access to pool	This action is logged when a user has no access to a device pool.
Override Global value	This action is logged when users override a global value with their own private value.
Password settings	This action is logged when an Admin configures password settings for the Control Room.
Read credential	This action is logged when the logged-in user accesses the credentials of another user for which they do not have permission for because the user is not a consumer for the credential or a credential owner.
Read locker	This action is logged when the logged-in user accesses the locker of another user for which they do not have permission because they are not part of a locker as a member (owner, manager, participant, or consumer).
Register app	This action is logged when the user configures IQ Bot.
Release license	This action is logged when the user changes the license from Bot Runner to Bot Creator or Admin.
Release user license	This action is logged when the user changes the user license.
Remove manual dependency	This action is logged when the manual dependency is removed from a bot.
Rename folder	This action is logged when the user renames the folder.
Resend email verification	This action is logged when the email is resent for verification.
Reset password	This action is logged when the user resets the password.
Revert checkout	This action is logged when the user reverts a previous check out action.
Rollback	This action is logged when the user rolls back to a previous version.
Run as user in use	This action is logged when the user runs a bot as the user using the bot.
Run as user invalid	This action is logged when a user who tries to run aand use the bot is invalid.
Run automation	This action is logged when the user runs an automation.
Save allowed IP addresses	This action is logged when the allowed IP addresses have been saved.
Schedule misfired	This action is logged when the Control Room services starts or the server is available after more than 15 minutes of scheduled deployment time.
Security Settings - External key Vault - Configuration	For cloud deployments, this action is logged when a user makes a change to the external key vault configuration. Automation Anywhere supports these external key vaults: AWS Secrets Manager, Azure Key Vault, and CyberArk. This audit entry shows the status as either Successful or Unsuccessful.
Security Settings - Network settings	This action is logged when the user changes the configuration of the allowed IP address from where the authentication is restricted.
Send bot to production	This action is logged when the user moves the bot from staging to production.
Send bot to staging	This action is logged when the user moves the bot from production to staging.
Send email	This action is logged when an email is sent.
Send learning instance to production	This action is logged when the user moves the learning instance from staging to production.
Send learning instance to staging	This action is logged when the user moves the learning instance from production to staging.
Session timeout settings	This action is logged when the settings of a session timeout is reached.
Set default device	This action is logged when the user sets the default device.
Set device credentials	This action is logged when the user sets the device credentials.
Set Git settings	This action is logged when the user sets remote Git repository settings in the Control Room.
Sync license	This action is logged when a license is synced.
SysLog Configuration	For on-premises deployments, this action is logged when a user adds, edits, or deletes Syslog server configuration. This audit entry shows the Control Room server recording the status as either Successful or Unsuccessful.
Temporary devices cleanup job	This action is logged when the temporary device runs its cleanup job.
Test proxy connectivity	This action is logged when proxy connectivity is tested.
Time out	This action is logged when an operation times out.
Train bot	This action is logged when the user creates a training bot.
Transfer credential ownership	This action is logged when the locker admin transfers the ownership of the credentials.
Trigger bot run	This action is logged when a bot runs due to a trigger.
Trigger bot run fail	This action is logged when a bot fails to run due to a trigger.
Trigger delete	This action is logged when a trigger is deleted.
Trigger delete failed	This action is logged when the deletion of a trigger fails.
Trusted CA key store update	This action is logged when a user modifies the trusted CA key store for certificate authentication.
Unable to send bot device	This action is logged when a bot fails to be sent to a device.
Undo checkout	This action is logged when the user reverses a check out.
Unlock credential vault	This action is logged when the user unlocks the credential vault.
Unset default device	This action is logged when the user changes the default device.
Update app registration	This action is logged when the IQ Bot URL is updated in the settings page.
Update automation	This action is logged when the user edits the schedule automation.
Update callback URL failed	This action is logged when the callback URL list has failed to update.
Update callback URL successful	This action is logged when the callback URL list has been updated successfully.
Update credential	This action is logged when the user modifies the credentials.
Update device auto download packages	This action is logged when the device updates its auto download packages settings.
Update device credentials	This action is logged when the device updates its credentials.
Update device general settings	This action is logged when the device updates its general settings.
Update device log settings	This action is logged when the device updates its log settings.
Update device RDP settings	This action is logged when the device updates its RDP (Remote Desktop Protocol) settings.
Update device resolution settings	This action is logged when the device updates its resolution settings.
Update Git settings	This action is logged when the user updates remote Git repository settings in the Control Room.
Update Global value	This action is logged when the user updates an existing public global value.
Update locker	This action is logged when the user modifies the lockers.
Update MFA role	This action is logged when the user modifies the MFA (multi-factor authentication) role.
Update MFA settings	This action is logged when the user modifies the MFA (multi-factor authentication) settings.
Update MFA token	This action is logged when the user modifies the MFA (multi-factor authentication) token.
Update MFA user	This action is logged when the user modifies the two-factor authentication for a user.
Update package	This action is logged when the user updates an existing package.
Update package settings	This action is logged when the user updates any package settings.
Update proxy credentials	This action is logged when the user updates existing proxy credentials.
Update queue	This action is logged when the user updates the existing queue (for example, adding new work items to the same queue).
Update queue failed	This action is logged when the user fails to update the existing queue (for example, adding new work items to the same queue).
Update settings	This action is logged when the user updates any setting, such as On to Off, or Off to On in Control Room.
Update temporary devices auto delete settings	This action is logged when the temporary device updates its auto delete settings.
Update work item	This action is logged when the user edits a work item.
Update work item failed	This action is logged when work items fail to update.
UPDATE_DEVICE_ADVANCED_OPTIONS_SETTINGS	This action is logged when the user changes the device environment settings such as: global cache location, auto-login timeout duration, and so on.
UPDATE_DEVICE_THRESHOLD_SETTINGS	This action is logged when the user changes enables or disables the threshold settings such as: CPU utilization, device memory threshold values, and so on.
UPDATE_DEVICE_LOG_SETTINGS	This action is logged when the user changes the log collection settings such as: log collection, log size, and so on.
UPDATE_GLOBAL_AUTO_LOGIN_SETTINGS	This action is logged when the user changes the auto-login settings in the Control Room to either create user sessions, or reuse existing user sessions to reduce the bot startup time.
Upload	This action is logged when a user imports a file.
Upload bot	This action is logged when a user uploads a bot.
Upload document	This action is logged when a user uploads a document.
Upload file	This action is logged when a user uploads a file.
Upload package	This action is logged when the user uploads a package.
Upload work items file	This action is logged when the user updates a queue and adds work items.
User Authentication configuration	This action is logged when the user changes the Control Room database or SAML user authentication configuration.
User log in	This action is logged when the user logs in to the Control Room.
User log out	This action is logged when the user logs out of the Control Room.
User multiple log in	This action is logged when the user logs in to the Control Room from different browsers with the same username.
Validate learning instance	This action is logged when the user validates (either corrects the document and saves it or invalidates the document) a document in the validator of a learning instance.
Version control settings	This action is logged when the user updates any version control settings.
Websocket proxy connection failure	This action is logged when the websocket proxy connection fails.

Note:

As a Bot Creator user, running any bot, whether it includes the Recorder or not, will generate an audit entry for the Recorder. This is a normal pre-check entry in the audit log, so you might see duplicate entries for this event in the Audit log page.
Cloud-enabled deployment is deprecated since April 2024. See, Upcoming feature deprecations.

Active Directory audit entries

The following table shows the list of Active Directory audit entries and their descriptions (listed alphabetically):


Audit entries	Description
AD allowed domain not set	This action is logged when a user or an existing mapping belongs to one or more domains. Manage Active Directory role mapping
AD allowed domain set	This action is logged when the user adds a domain to the allowed domains list. This action is logged when the user removes a domain from the allowed domains list. Manage domain
AD default domain set	This action is logged when the user configures a domain as the default domain. Manage domain
AD group mapping created	This action is logged when the user creates an Active Directory role mapping.
AD group mapping deleted	This action is logged when the user deletes an Active Directory role mapping.
AD group mapping updated	This action is logged when the user updates an Active Directory role mapping.
AD sync role empty	This action is logged when an Active Directory role assigned with sync operations is empty.
AD sync role conflict	This action is logged when an Active Directory role assigned with sync operations is in conflict with another role.
AD sync role system assigned	This action is logged when new Active Directory roles are assigned with sync operations.
AD sync role system deleted	This action is logged when Active Directory roles are deleted with sync operations.
AD sync role system updated	This action is logged when Active Directory roles are updated with sync operations.
AD sync user count	This action is logged when the Active Directory user counts are synced.
AD sync user deleted	This action is logged when the Active Directory synced users are deleted.
AD sync user out of license	This action is logged when the Active Directory synced users run out of available licenses.

AI prompt audit entries

The following table shows the list of AI prompt audit entries and their descriptions (listed alphabetically):


Audit log entry	Success
Check in prompt template	This action is logged when a user checks-in a prompt template.
Check out prompt template	This action is logged when a user checks-out a prompt template.
Clone prompt template	This action is logged when a user clones a prompt template.
Create prompt template	This action is logged when a user creates a prompt template.
Delete prompt template	This action is logged when a user deletes a prompt template.
Edit prompt template	This action is logged when a user edits a prompt template.
Export prompt template	This action is logged when a user exports a prompt template.
Import prompt template	This action is logged when a user imports a prompt template.
Save prompt template	This action is logged when a user saves a prompt template.

See Audit logs for generative AI interactionsfor additional log details.

Automation Co-Pilot for Business Users (Automation Co-Pilot) audit entries

The entry shows the status of events relating to requests, teams, scheduler, process setups, bot setups, human tasks, and bot tasks that you have created, deleted, updated, submitted, or recovered.


Audit log entry	Success
Automation Co-Pilot Team	When a team is created by a user When a team is edited by a user When a team is deleted by a user
Automation Co-Pilot Request	When a request is deleted by a user When a request is recycled by a user When a request is recovered by a user
Automation Co-Pilot Human Task	When a task is edited by a user When a task is submitted by a user When a task is canceled by a user When a task is assigned by a user to another user When a task is canceled (using a cancel type of action by a user or by a bot (Process Composer package))
Automation Co-Pilot Bot Task	When the process launched a bot task
Automation Co-Pilot Process	When a process is created When a process is edited by a user
Automation Co-Pilot Bot Setup	When a new bot is added to the bot setup management When the bot setup management is modified When a bot is deleted by a user
Process Scheduler	When the scheduler configuration is modified

Bot Insight audit entries

The following table shows the list of Bot Insight audit entries and their descriptions (listed alphabetically):


Audit entries	Description
BI add user dashboard	This action is logged when a new user dashboard is added to Bot Insight.
BI copy dashboard	This action is logged when a user copies a dashboard in Bot Insight.
BI delete dashboard	This action is logged when a user deletes a dashboard from Bot Insight.
BI delete user dashboard	This action is logged when a user dashboard is deleted from Bot Insight.
BI end task	This action is logged when a task ends in Bot Insight.
BI get task data	This action is logged when task data is retrieved in Bot Insight.
BI get user dashboards	This action is logged when user dashboards are retrieved in Bot Insight.
BI operations	This action is logged when operations occur in Bot Insight.
BI registers dashboard	This action is logged when a user registers a dashboard in Bot Insight.
BI run data	This action is logged when data runs in Bot Insight.
BI save dashboard	This action is logged when a user saves a dashboard in Bot Insight.
BI search dashboard	This action is logged when a user searches a dashboard in Bot Insight.
BI start task	This action is logged when a task starts in Bot Insight.
BI update dashboard	This action is logged when a user updates a dashboard in Bot Insight.

Bot life cycle audit logs

The entry shows the status of each stage of the bot life cycle.


Audit log entry	Success	Failure
Create automation	Bot was sent to the control room and was successfully compiled.	Check if the Control Room is up and running.
Bot Sent To Device	Control Room deployed the bot successfully on the specified device.	Possible reasons for failure entry include: Check if you have configured the Node manager on the corresponding device correctly. Check for the app Automation Anywhere Bot Manager in Add Remove Programs or in Control Panel > Uninstall a program. Try to reinstall by uninstalling and downloading the app again. Try to reinstall by uninstalling and downloading the app again from Device Manager. Ensure the device auto log in details are set correctly.
Run bot Deployed	The bot has started on the specified device.	Possible reasons for failure entry include: Check if you have configured the Node manager on the corresponding device correctly. Check for app Automation Anywhere Bot Manager in Add Remove Programs or in Control Panel > Uninstall a program. Try to reinstall by uninstalling and downloading the app again from Device Manager. Ensure device auto log in details are set correctly.
Run bot finished	Bot execution completed successfully.	Possible reasons for failure entry include: Check for the bot execution progression in Activity In progress. Check the code at the line where activity log has been paused for errors. If it has paused at a message box, minimize all windows and check if the message box is in the background.
Bot Runner Session Continued	Control Room deploys the Task Bots in a sequence for the same RDP session.
Bot Runner Session Released	When a task successfully completes the execution.
Download file	Downloading to the Control Room.
Upload file	Uploading a file to the Control Room.
Bot Runner Session	Control Room gets the RDP session of Bot Runner machine.

Bot Store audit entries

The following table shows the list of Bot Store audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Bot Store add to My bots	This action is logged when a user adds a bot to their My bots.
Bot Store clean up	This action is logged when clean up is performed for a deleted tenant.
Bot Store download	This action is logged when a user starts to download a bot from the Bot Store.
Bot Store log in	This action is logged when a user logs in to the Bot Store.
Bot Store submit bots	This action is logged when a user submits bots to the Bot Store.

Code analysis audit entries

The following table shows the list of code analysis audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Automated code analysis completed	This action is logged when automated code analysis completes.
Automated code analysis started	This action is logged when automated code analysis starts.
Policy added	This action is logged when a user adds a new code analysis policy in the Policy Manager page.
Policy deleted	This action is logged when a user deletes a code analysis policy in the policy manager page.
Policy folder added	This action is logged when a user creates a policy assignment to a folder in the policy manage page.
Policy folder removed	This action is logged when a user deletes a policy assignment to a folder in the policy manage page.
Policy updated	This action is logged when a user modifies and saves a code analysis policy in the policy manage page.
Run automated code analysis	This action is logged when automated code analysis starts and when automated code analysis completes.
Run code analysis	This action is logged when a user performs the following actions: Runs code analysis from the automation page. Opens an automation file in the Bot editor. Saves an automation file in the Bot editor

Device pool audit entries

The following table shows the list of device pool audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Device pool created	This action is logged when the user successfully creates a new device pool.
Device pool creation failed	This action is logged when the user fails to create a device pool.
Device pool deleted	This action is logged when the user successfully deletes a device pool.
Device pool deletion failed	This action is logged when the user fails to delete a device pool.
Device pool update failed	This action is logged when the user fails to update an existing device pool.
Device pool updated	This action is logged when the user edits an existing device pool (for example, add a new device or add a new customer role).

Device update audit entries

The following table shows the list of device update audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Device configuration upgrade in progress unable to send bot to device	This action is logged when the Control Room fails to send a bot deployment message to the Bot Agent of a device. This is because a device configuration update is in progress
Device update acknowledged	This action is logged when the device update has been acknowledged.
Device update already in progress	This action is logged when the device update is already in progress.
Device update completed	This action is logged when the device update has completed.
Device update downloaded	This action is logged when the device update has been downloaded.
Device update failed and max retry reached	This action is logged when the device update has failed after the maxiumum number of retries has been reached.
Device update failed and max retry reset reached	This action is logged when the device update has failed but device will continue to retry the update.
Device update initiated	This action is logged when the user initiates the device update.
Device update settings	This action is logged when the settings of a device are updated.
Device update started	This action is logged when the device update has started.
Device update unavailable	This action is logged when the device update has already occurred and been updated.
Device update unsuccessful	This action is logged when the device update has been unsuccessful.
Device update waiting for deployments to complete	This action is logged when the device update is waiting for deployments to complete.

Discovery bot audit entries

The following table shows the list of Discovery bot audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Discovery bot cancel recording	This action is logged when the discovery bot successfully cancels a recording.
Discovery bot convert to bot	This action is logged when the discovery bot successfully converts to a bot.
Discovery bot create aggregated recording	This action is logged when the discovery bot successfully creates a new aggregated recording.
Discovery bot create opportunity	This action is logged when the discovery bot successfully creates a new opportunity.
Discovery bot create process	This action is logged when the discovery bot successfully creates a new process.
Discovery bot create process assignment	This action is logged when the discovery bot successfully creates a new process assignment.
Discovery bot create project	This action is logged when the discovery bot successfully creates a new project.
Discovery bot create recording	This action is logged when the discovery bot successfully creates a new recording.
Discovery bot create recording step	This action is logged when the discovery bot successfully creates a new recording step.
Discovery bot create recording step metadata	This action is logged when the discovery bot successfully creates metadata for a new recording step.
Discovery bot delete aggregated recording	This action is logged when the discovery bot sucessfully deletes an aggregated recording.
Discovery bot delete opportunity	This action is logged when the discovery bot successfully deletes an opportunity.
Discovery bot delete process	This action is logged when the discovery bot successfully deletes a process.
Discovery bot delete process assignment	This action is logged when the discovery bot successfully deletes a process assignment.
Discovery bot delete project	This action is logged when the discovery bot successfully deletes a project.
Discovery bot delete recording	This action is logged when the discovery bot successfully deletes a recording.
Discovery bot delete recording step	This action is logged when the discovery bot successfully deletes a recording step.
Discovery bot delete recording step metadata	This action is logged when the discovery bot successfully deletes metadata for a recording step.
Discovery bot export opportunity	This action is logged when the discovery bot exports an opportunity.
Discovery bot migrate opportunity	This action is logged when the discovery bot migrates an opportunity.
Discovery bot update aggregated recording	This action is logged when the discovery bot edits an existing aggregated recording.
Discovery bot update aggregated recording json	This action is logged when the discovery bot edits an existing aggregated recording using json.
Discovery bot update opportunity	This action is logged when the discovery bot edits an existing opportunity.
Discovery bot update process	This action is logged when the discovery bot edits an existing process.
Discovery bot update process assignment	This action is logged when the discovery bot edits an existing process assignment.
Discovery bot update project	This action is logged when the discovery bot edits an existing project.
Discovery bot update recording	This action is logged when the discovery bot edits an existing recording.
Discovery bot update recording step	This action is logged when the discovery bot edits an existing recording step.
Discovery bot update recording step metadata	This action is logged when the discovery bot edits metadata for an existing recording step.

External key vault audit log

For cloud deployments, the External key vault configuration audit entry shows the type of external key vault configured (if any). Automation Anywhere supports these external key vaults:

AWS Secrets Manager
Azure Key Vault
CyberArk Password Vault

Based on the type of external key vault configured, the external key vault configuration details shows different attributes and their values.


Audit log entry	External key vault	User action	Configuration details shows these attributes and their values
External key vault configuration	AWS Secrets Manager	Adds a new AWS Secrets Manager when there was previously no external key vault.	External key vault value: Changes from no external key vault to AWS Secrets Manager. AWS Secrets Manager value is Enabled Region value is set to (for example) us-east-1
	CyberArk	Adds a new CyberArk Password Vault when there was previously no external key vault.	External key vault value: Changes from no external key vault to CyberArk. CyberArk value is Enabled Vault URL is the CyberArk AIM server CCP API URL and is set to (for example) https://<hostname:port_num>/ Application ID is the CCP API AppID and is set to (for example) AAEControlRoom
	Azure Key vault	Adds a new Azure Key vault when there was previously no external key vault.	External key vault value: Changes from no external key vault to Azure Key vault. Azure Key vault value is Enabled Vault URL is the Azure Key Vault URL and is set to (for example) https://user-db-vault.vault.azure.net/ Client ID is the (application) ID of an App Registration in the tenant and is set to (for example)536145 Tenant ID is the Azure Active Directory tenant (directory) ID and is set to (for example)89D12L
External key vault configuration	Change from AWS Secrets Manager to CyberArk	User changes from one external key vault to another type.	External key vault value changes from AWS Secrets Manger to CyberArk

Notifications audit entries

The following table shows the list of notification settings audit entries and their descriptions (listed alphabetically):


Audit log entries	Description
Admin email report	This action is logged when a Control Room administrator enables or disables the email report using notification settings (Administration > Settings > Notification settings > Email report > Edit).
Notification Settings	This action is logged when a Control Room administrator enables or disables the event categories using notification settings (Administration > Settings > Notification settings.Enable/disable notifications for all users).
User email report	This action is logged when a Control Room user enables or disables the email report using Control Room notification panel (Bell icon > Notification settings > Select channels).
User Notification Settings	This action is logged when a Control Room user enables or disables the event categories using Control Room notification panel (Bell icon > Notification settings > Show notifications for).

OAuth connection audit entries

The following table shows the list of OAuth connection audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Bulk delete OAuth connection	This action is logged when multiple OAuth connections are deleted simultaneously.
Create OAuth connection	This action is logged when an OAuth connection is successfully created.
Delete OAuth connection	This action is logged when an OAuth connection is successfully deleted.
Update OAuth connection	This action is logged when an OAuth connection is successfully updated.

Run bot audit entries

The following table shows the list of run bot audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Run bot disconnected	This action is logged when a user disconnects a running bot.
Run bot finished	This action is logged when a running bot finishes.
Run bot paused	This action is logged when a user pauses a running bot.
Run bot pre process failed	This action is logged when the pre-process to run the bot fails.
Run bot resumed	This action is logged when a previously paused bot resumes to run.
Run bot stopped	This action is logged when a user stops a running bot.

Schedule bot audit entries

The following table shows the list of schedule bot audit entries and their descriptions (listed alphabetically):


Audit entries	Description
Schedule bot disconnected	This action is logged when a scheduled bot is disconnected.
Schedule bot ended	This action is logged when a scheduled bot ends.
Schedule bot paused	This action is logged when a scheduled bot pauses.
Schedule bot reconnected	This action is logged when a scheduled bot is reconnected.
Schedule bot resumed	This action is logged when a scheduled bot resumes.
Schedule bot stopped	This action is logged when a scheduled bot stops.

Syslog audit log

For on-premises deployments, the SysLog Configuration audit entry shows the Control Room server status when adding, editing, or deleting the system configuration. The Syslog details shows these attributes and their values:

Syslog Server Hostname: Full qualified domain name (FQDN) or the IP address of the Syslog server used to deliver the log reports
Port: Port used by the remote Syslog server to receive incoming Syslog records
Protocol: TCP or UDP
Use Secure Connection: TLS encrypted channel used to send Syslog records to the remote Syslog server


Audit log entry	Status	User action	SysLog details shows these attributes and their values
SysLog Configuration	Successful	Adds new values to an existing server	Syslog Server Hostname Port Protocol Use Secure Connection For example: MyServer1.aa.com, 468, TCP, Enabled
	Successful	Adds new values to multiple servers	Syslog Server Hostname Port Protocol Use Secure Connection For example: MyServer1.aa.com, 468, TCP, Enabled MyServer2.aa.com, 333, TCP, Disabled
	Successful	Edits existing server	Syslog Server Hostname Port Protocol Use Secure Connection For example: Old ValueMyServer1.aa.com, 468, TCP, Enabled New Value MyServer123.aa.com, 514, UDP, Disabled
	Successful	Deletes existing server	Syslog Server Hostname Port Protocol Use Secure Connection For example: MyServer1.aa.com, 468, TCP, Enabled
SysLog Configuration	Unsuccessful	User attempted to save the system configuration; however, the Control Room was not able to save the configuration.	For an unsuccessful status, you can use the results to troubleshoot the issue. Examples: Invalid Protocol, or Could not save SysLog settings. Invalid Host.