Skip to main content

Audit Logs

What are the tiCrypt Audit Logs?

The Audit Logs is the UI that displays the lines of the audit log being written; it confirms that the auditing is working.

How do I Start Auditing in tiCrypt?

Auditing and Compliance are two sides of the same coin.

With tiAudit, you can gain a comprehensive end-to-end view of how activities unfold in tiCrypt, including who performs which tasks and when, thus achieving a complete picture of the system.

This view allows you to interact with the data without restrictions while presenting an accurate image of data history; it acts as a conduit where data is pushed from tiCrypt.

note

Everything in the system is recorded in the audit log, but you cannot retrieve it without using tiAudit.

What is the tiAudit?

tiAudit is a separate tiCrypt UI component that provides auditing, data analytics, and reporting capabilities in a single package. This provides a detailed overview of all tiCrypt activities in an interactive interface.

tiAudit can filter by users, projects, and other fields. Extensive charting and the ability to use all ClickHouse features allow you to be a super-admin and have a complete picture of the full system history starting from the installation day.

The most notable feature of tiAudit is the one-click download of all reports. Compliance reports are generated with one click and are fully customizable.

The large number of automatically saved queries allows rapid searches in very large data sets whenever required.

For example, tiAudit takes only one to two seconds to find specific queries and generate a complete report from a large dataset.

What is the tiAudit Trifacta?

1.Alerts

Alerts function as notifications.

All informational content regarding permissions, restrictions, or blockchain status can be found here.

2. Reports

Reports are at the core of tiAudit.

It allows you to create and download built-in and custom reports with one click, enabling you to act as a super-admin. The reports not only fulfill compliance requirements but also provide insights into data analytics. They allow in-depth customization based on the following parameters:

  • Period of concern
  • Objects of importance

This helps collect a subset of audit history in the reports.

The download generates an extensive collection of all reports in the widely used .xls format, which can be further analyzed. In addition, reports provide extensive charting capabilities to visualize how trends emerge.

3. Queries

Queries are built-in interrogations that enhance search over the ClickHouse database, collecting tiCrypt logs for the most commonly queried data. The queries themselves are parameterized by:

  • Time
  • Status of concern
  • Result size

They allow you to flexibly retrieve the relevant data subset of interest.

To assist in selecting queries, filters are provided to narrow down the search not only by objects such as teams or users, but also by the type served by that query; namely Alerts, Compliance, etc.

What are the tiAudit Advanced Features?

1. SQL

SQL is a meta-programming feature that enables you to access all the querying capabilities of ClickHouse via SQL statements with extensive filtering options. This gives you the ability to perform ad-hoc querying.

2. Management

The Management feature allows you to manage the user base of tiAudit and also offers the capability to customize and create reports from existing ones.

It primarily provides the following options:

  • Users - Complete list of all users who have access to the system.
  • Invitations - Mechanism that allows you to add more users to the same tiAudit instance.
  • Access Tokens - Allows temporary access for users who need access to the system for a limited period.
  • Reports - Displays the system's current report structures, the queries they contain, and the ability to clone reports onto a new set and customize them to your needs.
  • Upload - Ability to reload the data from scratch in case of data corruption.
  • Queries - List of current queries in the system, with assistance in query management, author and time metadata, creation of query metadata, etc.

How can I Audit a Classified Project?

Typically, auditing a Tagged (locked) or Untagged (Unlocked) project is performed by the auditing team who has access to tiAudit.

Due to project auditing encryption, you can only view what happens with a project file by looking at its history. Another way to audit a project in a VM is by reviewing the VM Logs associated with the project-tagged VM.

  1. View a File's History.
  2. Access the Virtual Machine Controller Logs.
note

Each log has a number, a timestamp with date & time, and a description of the event.

caution

When you download the controller logs, you take full responsibility for the log data of the respective project.

How Should I Prevent Users from Mistakenly Contributing to a Data Breach in my Institution?

tiCrypt allows you to manipulate the data in particular ways based on the Minimal Priviledge principle.

You can trust your users, but you can also verify their trustworthiness.

  1. Go to the Management icon in the top left taskbar.
  2. Navigate to the Miscellaneous section.
  3. Click the Audit Logs in the left panel.
  4. Select the logs you want to export in CSV format.
  5. Click the Export CSV button in the top right panel.
  6. Select Selected items.
  7. In the local window, click Save.
  8. Send the information to the audit team to verify the events.
  9. Collect all event data and determine the status of your user's trust.
tip

You can personalize audit methods for your institution and choose how to enforce them for each individual.