Read and Review Automation Anywhere Documentation

Automation 360

Close Contents


Open Contents

Audit logs

  • Updated: 2022/03/29
    • Automation 360 v.x
    • Explore
    • RPA Workspace

Audit logs

The Automation 360 platform provides a comprehensive and centralized audit logging of all automation activities to authorized users. Role-based access control to Audit Log is managed through the Control Room. More than 60 audit actions are logged.

All valid and invalid attempts of actions are logged. Events are logged by the following factors:
Doer of the action
For example, a username.
Source of the action
For example, Bot Runner or Control Room
Type of event
The description of the event.
When the event occurred
For example, the date and the time of the event.
Where the event occurred
The device.
Outcome of the event
Description and status of the event.

Some key audit actions include the following:

  • Log in and log out of the centralized Control Room.
  • Create, update, and delete Users.
  • Activate and deactivate the Control Room users.
  • Any change of password for any user
  • Create, update, and delete roles (helps in tracking changes to security policy, change in user access privileges)
  • Create, update, and delete schedules
  • Connection to the Credential Vault
  • Create, update, and delete credentials
  • Deploy the bots from the Control Room to the remote Bot Runners.
  • Pause, resume, and stop the ongoing automations.
  • Any upload and download from Bot Creators and Bot Runners
  • Any check-in, check-out of bots from Bot Creators and Bot Runners
  • Update email and other settings
  • Enable and disable secure recording.
  • Change a license.
Note: The information about bot execution activity is retrieved for 90 days in the Control Room Historical activity page. Information older than 90 days can be viewed in the audit logs.

RBAC on audit log

Audit is automated for all privileged and nonprivileged roles to conform to best practices as defined in NIST AC-6. Access is view-only based on a deny-all and allow by exception based on roles and domains as defined in the Audit Section 7 addressing Audit and Accountability (NIST AU 1 through 15) and as required by NIST AC-2 Automated System Account Management.

If a role does not have permission to view Audit Logs, the Audit Trail tab is not visible to all members of those roles. Audit automatically captures all events related to creation, modification, enable, disable, user removals, bots, Bot Creators, and Bot Runners.

Control Room Bot Creator and Bot Runner activity logging

For every Bot Creator and Bot Runner, the Automation Anywhere Enterprise platform does comprehensive activity logging for bots, workflows, and reports.

Some of the key activities logged include the following:

  • Task creation, update, deletion (task is a type of bot).
  • Task run
  • Workflow creation, update, deletion
  • Workflow run
  • Report creation, update, deletion
  • Report run
  • Change in bot properties

Audit of Bot Runner operations

Bot Insight captures additional Bot Runner events for review and analysis of audit records for indications of inappropriate or unusual activity. The Bot Insight logs can be exported for further analysis. Automated dashboards and reports are available and can be customized to identify and alert on anomalous activity. These capabilities conform to best practices as defined in NIST AU-6 Audit Review Analysis and Reporting.

Audit log nonrepudiation

The logs are protected against an individual (or process acting on behalf of an individual) falsely denying having done authorized actions through read-only privileges, automated event capture, and binds the identity of the user to the actions, in conformance with best practices as defined in NIST AU-10 Non-repudiation and AU-11 Association of Identities.

Export audit logs

All Control Room and Bot Insight Bot Runner logs are exported to a Security Event Information Management Systems for further analysis to support the organizations incident response efforts in accordance with the NIST AU-6 and IR-5 requirements.

Send Feedback