Audit Report with Activities performed by logged in user.

Showing results for 
Search instead for 
Did you mean: 
Active Member II

Audit Report with Activities performed by logged in user.

Hello everyone,

I am using Alfresco 6 (dockerized) and have deployed it in a production eviornment. My client has requested to develop a report that lists all the users, their login and logout date & time, total hours of login and the Activities which they performed when they were logged in. Now I can list users,login and logout date time and total hours of login through Alfresco's Audit REST API but how can I lists the activites of the users when they were logged in. The actions of the users when they are logged in are also listed in the Audit Rest API but the problem is that my client isn't able to understand these actions.


        "entry": {
          "createdAt": "2021-03-11T09:08:14.982+0000",
          "createdByUser": {
            "id": "junaid",
            "displayName": "Syed Junaid"
          "values": {
            "/alfresco-access/transaction/sub-actions": "readContent",
            "/alfresco-access/transaction/path": "/sys:system/sys:people/cm:junaid",
            "/alfresco-access/transaction/action": "READ",
            "/alfresco-access/transaction/type": "cm:person",
            "/alfresco-access/transaction/user": "junaid"
          "auditApplicationId": "alfresco-access",
          "id": 2212



So the question is How can I change or modify these actions enteries when calling in my webscript?

Kindly view the screenshot of the requirement so that you may understand the output I want to get.




1 Reply

Re: Audit Report with Activities performed by logged in user.

Logins are hard to capture in auditing because of their very different natures, and by default you can really only capture local, password-based logins, but not SSO-based authentication. I myself had to implement a custom module to audit user login times when a customer needed that for their Enterprise license management.

Logout times will be even harder to next to impossible to audit - most of the time, users do not actively log out, instead letting their session expire after times of inactivity or by closing their browser. This cannot be audited at all. Even the active logout in Alfresco Share cannot be audited, as it is an action that does not reach the backend (where auditing takes place), and only actively destroys the session in the frontend (Share).

Furthermore, with auditing you will not be able to record any (logical) activities on the Alfresco Share fontend (or Alfresco Content Applications), as auditing happens in the backend - you will only ever be able to audit low-level actions like "read-access to node X" without knowing the context to that access, e.g. whether it was part of a navigation action or because the user wanted to look at the metadata details.
Similarly, you cannot differentiate the read access to a PDF's content in Alfresco auditing between the use cases of "preview in PDF.js within the UI" and "download to local disk" - they look the completely same.

Lastly, the aggregation of many small audit events into a summary as shown in your requirements screenshots is a very tall order. It can be possible with custom auditing (out-of-the-box alfresco-access / alfresco-api will not be enough), but will take quite some effort. Also note that you will likely have to create multiple audit applications in a two-tiered approach - first tier is about collecting all the low-level audit events about individual actions / events, while the second tier will have to use scheduled jobs to aggregate the first tier entries into higher-level summary entries.