Codebeamer Audit Trail
Codebeamer Audit is a tool for System Administrators to analyze and export the following user interactions:
• User logins, logouts (including system logouts).
• User created, enabled (activated), disabled.
• User assigned to or removed from User Groups.
• Work Item or Artifact modification actions (create, update, delete).
• Permission changes (Trackers, Tracker fields, Roles, User Groups).
How to get the Audit information
The Audit feature can be accessed on the System Admin page.
Then click Audit to go to the Audit page.
Audit Configuration setup
Audit is enabled by default but it is also configured using general.xml:
All enabled audit events are stored in the audit log after successful configuration, but this configuration is also available on the Config tab.
The events that can be selected are categorized by type as follows:
Event Types | Events |
|---|---|
Login Event Types | The events are as follows: • User Login • User Logout • User System Logout |
Work Item Event Types | The events are as follows: • Work Item Create • Work Item Delete • Work Item Remove • Work Item Restore • Work Item Update |
Artifact Event Types | The events are as follows: • Artifact Create • Artifact Delete • Artifact Remove • Artifact Restore • Artifact Update |
Permission Event Types | The events are as follows: • Artifact Permission Create • Artifact Permission Delete • Artifact Permission Update • Group Assign • Group Remove • User Create • User Disable • User Enable |
 | The System Admin configuration page changes are not persisted into general.xml. So if Codebeamer is restarted, the general.xml settings will be used. |
In all username fields, disabled users are indicated with a strikethrough.
Automatic Audit Log Remover Job
The Audit Remover Job deletes the old User Login and Work Item Modification Action Audit entries. Audit removal is also configurable and you can define how long the audit records must be retained:
• Minimum: 30 days.
• Maximum: 365 days.
• Default is 180 days.
The older records will be automatically deleted.
| | If you want to retain such audit information beyond the maximum specified period, you must make a backup from the database periodically, or export audit information into other formats such as PDF or Excel. |
Listing and Exporting Audit Information
Users can list and export three types of custom filterable audit records.
Each tab contains export functionality and you can export the result to PDF or Excel with the following icons: 
.
.Login History Audit
On the Logins tab you can search for information on the login/logout time of users.
You can enter the following search parameters to filter the result:
• Users parameter contains usernames.
• Event Types parameter contains the selected events: User Login, User Logout, User System Logout.
• The Login range parameter contains the selected date interval (it cannot be greater than one year).
The search result contains the audit records. The following columns are displayed:
• User contains the username and a profile picture if it is uploaded by the user. The username contains a link to the user page.
• Event Type contains the event.
• Created at contains the login or logout date.
Work Item Modification Action Audit
On the Artifacts tab, you can search for information on create, update or delete actions for artifacts and work items.
You can enter the following search parameters to filter the result:
• The Users parameter contains usernames.
• The Projects parameter contains project names.
• The Trackers parameter contains tracker names.
• The Event Types parameter contains the selected events:
◦ Work Item Create, Work Item Delete, Work Item Remove, Work Item Restore, Work Item Update.
◦ Artifact Create, Artifact Delete, Artifact Remove, Artifact Restore, Artifact Update.
• The Created at range parameter contains the selected date interval (it cannot be greater than one year).
The search result contains the audit records. The following columns are available:
• User contains the username and a profile picture if it is uploaded by the user. The username contains a link to the user page.
• Artifact contains the name and link to the artifact.
• Work Item contains the name of the item. The name is a link to the corresponding item.
• Event Type contains the event
• Project contains the project name if it is available. The name is a link to the corresponding project.
• Tracker contains the tracker name if it is available. The name is a link to the corresponding tracker.
• Changes contains a link to the diff view if it is available. This link is available for work items. Click Show changes to see the diff.
• Created at contains the action date.
Permissions Change Audit
On the Permissions tab, you can search for information on create, update or delete permissions for trackers, tracker fields, roles or user groups.
You can enter the following search parameters to filter the result:
• Users parameter contains usernames.
• Target Users contains the usernames impacted by the selected event.
• Projects parameter contains project names.
• Trackers parameter contains tracker names.
• Event Types parameter contains the selected events: Artifact Permission Create, Artifact Permission Delete, Artifact Permission Update, Group Assign, Group Remove, User Create, User Disable, and User Enable.
• Created at range parameter contains the selected date interval (it cannot be greater than one year).
You can search for enabled and disabled users with User Enable and User Disable event types.
The search result contains the audit records. The following columns are available:
• User contains the username and a profile picture if it is uploaded by the user. The username contains a link to the user page.
• Artifact contains the name of the artifact.
• Event Type contains the event name.
• Project contains the project name if it is available.
• Tracker contains the tracker name if it is available.
• Message contains a link based on the event. Click Show changes to see the diff. For Group Assign and Group Remove events, the impacted username is displayed in this column. For the User Create, User Enable, and User Disable events, this column is blank.
• Created at contains the action date.
For user events, two entries are logged as follows:
• When a user is created there are two entries logged for User Create and Group Assign.
• When a user is disabled, there are two entries logged for User Disable and Group Remove.
• When a user is enabled, there are two entries logged for User Enable and Group Assign.
.
Swagger API to Audit Changes of Permissions
The following endpoint is available to audit changes of permissions:
/v3/sysadmin/audit/permissions
For more information, see: Swagger API.
The following parameters are available and you can specify numeric values in each as per your requirement:
• The page parameter sets the page index number starting from 1.
• The pageSize parameter sets the number of items per page. The maximum value is 100. A value of 0 indicates that there will be no paging so all the results will be fetched together.
A sample request is as follows:
Sample request:
{
"userNames" :
[
"bond"
],
"targetUserNames" :
[
"u01",
"abc"
],
"projectIds" :
[
"541",
"542"
],
"trackerIds" :
[
"753",
"859"
],
"eventTypes" :
[
"User Create",
"Group Assign",
"Artifact Permission Create"
],
"fromDate": "2023-05-10T07:16:06.255Z",
"toDate": "2024-04-10T07:16:06.255Z",
"duration": "This_Week",
"showChanges" : "false"
}
{
"userNames" :
[
"bond"
],
"targetUserNames" :
[
"u01",
"abc"
],
"projectIds" :
[
"541",
"542"
],
"trackerIds" :
[
"753",
"859"
],
"eventTypes" :
[
"User Create",
"Group Assign",
"Artifact Permission Create"
],
"fromDate": "2023-05-10T07:16:06.255Z",
"toDate": "2024-04-10T07:16:06.255Z",
"duration": "This_Week",
"showChanges" : "false"
}
For the duration of the audit log, specify either duration, or fromDate and toDate. If both are specified, then fromDate and toDate are ignored and only duration is considered.
The permitted values for duration are as per the options available in the user interface. Spaces are replaced with underscores. For instance, Last_365_Days.
The showChanges attribute is not supported. If it is set to true, the message response will display an error that the feature is not supported.
A sample response is as follows:
{
"page": 2,
"pageSize": 4,
"total": 10,
"auditPermissions": [
{
"user": "user1",
"userStatus": "Enabled",
"artifact": "Regular User without Review",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user2 (Enabled)"
},
"createdAt": "2023-04-10T08:06:51.441"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "Remote API Access",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "Regular User2",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "user",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
}
],
"nextLink": "https://test-server.intland.com:8201/api/v3/sysadmin/audit/permissions?page=3&pageSize=4",
"previousLink": "https://test-server.intland.com:8201/api/v3/sysadmin/audit/permissions?page=1&pageSize=4"
}
"page": 2,
"pageSize": 4,
"total": 10,
"auditPermissions": [
{
"user": "user1",
"userStatus": "Enabled",
"artifact": "Regular User without Review",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user2 (Enabled)"
},
"createdAt": "2023-04-10T08:06:51.441"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "Remote API Access",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "Regular User2",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
},
{
"user": "user3",
"userStatus": "Enabled",
"artifact": "user",
"eventType": "Group Assign",
"project": "--",
"tracker": "--",
"message": {
"value": "Impacted User: user4 (Enabled)"
},
"createdAt": "2024-04-10T06:27:57.049"
}
],
"nextLink": "https://test-server.intland.com:8201/api/v3/sysadmin/audit/permissions?page=3&pageSize=4",
"previousLink": "https://test-server.intland.com:8201/api/v3/sysadmin/audit/permissions?page=1&pageSize=4"
}