Skip to main content

Audit Events

Audit events are tracked by Alteryx One Platform and captured in the audit trail.

Account Administration

Event

Description

Additional Metadata

A product entitlement has been removed as a result of an expired contract

A product has been enabled in a workspace as a result of a change to the contract.

A product has been enabled in a workspace as a result of a change to the contract

A product has been disabled in a workspace as a result of an expired contract.

An API access token has been set up as a result of a contract change

An API access token has been disabled as a result of an expired contract.

assign_user_seats

1 or more users have been assigned a role.

userIdsWithUnassignedSeat

productPolicyId

create_audit_storage_connection

Audit to cloud storage connection is created.

bucketName

cloudStorageType (S3, Azure, GCS, etc)

create_billing_account

Creation of a billing account.

billingAccountId

billingAccount.getName()

delete_audit_storage_connection

Audit to cloud storage connection is deleted.

cloudStorageType (S3, Azure, GCS, etc)

(if successful)

bucketName

deprovision_product

A product entitlement has been removed as a result of an expired contract.

productName

productSKU

enable_api_access

An API access token has been set up as a result of a contract change.

licenseBillingService

insufficient_seats_quantity_for_role

An attempt to assign 1 or more users a role was rejected because there were insufficient seats for a specific role.

productPolicyId

userIdsWithUnassignedSeat

no_user_seats_assigned

An attempt to assign 1 or more users a role was rejected because the users were already assigned the specified role.

productPolicyIduserIds

no_user_seats_assigned

An attempt to assign 1 or more users a role was rejected because there were insufficient entitlements.

productPolicyIduserIds

no_user_seats_to_revoke

An attempt to remove seats occurred, but it was not successful as there are no seats to be revoked.

removedProductPolicyIds

removedUserIds

provision_product

A product entitlement has been provisioned as a result of a change to the contract.

productName

productSKU

revoke_user_seats_due_to_overages

An attempt to add assigned seats exceeded the contracted values and the seats causing overages have been revoked.

removedProductPolicyIds

removedUserIds

revoke_user_seats

Seats have been revoked.

removedProductPolicyIds

removedUserIds

update_audit_storage_connection

Audit to cloud storage connection is updated.

cloudStorageType (S3, Azure, GCS, etc)

new: {
 bucketName, 
 bucketRegion,
 roleArn
}

(if successful)

old: 
{  
  bucketName,
  bucketRegion,  
  roleArn 
}

update_billing_account

A modification to the name of the billing account.

billingAccountId

oldBillingAccountName

newBillingAccountName

update_entitlements_quantity

A modification to the number of effective entitlements.

oldEntitlementQuantity

newEntitlementQuantity

update_workspace_tier

A modification to the contract tier.

oldTierName

newTierName

workspaceName

Workflow

Event

Description

Additional Metadata

create_workflow

Creating a new workflow. workflowMode could be: Cloud Native, Standard.

assetId

workflowName

workflowMode

import_workflow

Importing workflow is complete.

assetId

workflowName

delete_workflow

Workflow is deleted.

assetId

workflowName

workflow_run_initiated

Initiating Full Run execution for workflow. initiatedFrom could be: Schedule, Plans, Cloud.

assetId

workflowName

initiatedFrom

export_workflow

Workflow is exported.

assetId

workflowName

update_workflow

Capturing any update to a workflow (when a new version was added for workflow).

assetId

workflowName

rename_workflow

Renaming workflow.

assetId

oldWorkflowName

newWorkflowName

set_workflow_version_name

Setting a name for specific workflow version.

assetId

versionId

versionName

remove_access_workflow

Removing access for workflow.

assetId

workflowName

removedAccessUserId

removedAccessUserEmail

share_access_workflow

Sharing access on workflow. permissionType could be: view/edit.

assetId

workflowName

shareeUserId

shareeEmail

permissionType

Scheduling

Event

Description

Additional Metadata

create_schedule_data_connection

Schedule data connection created.

asset_type

asset_id(s)

create_schedule

Schedule created.

asset_type

asset_id(s)

delete_schedule

Schedule deleted.

asset_type

asset_id(s)

disable_schedule

Schedule disabled.

asset_type

asset_id(s)

enable_schedule

Schedule enabled.

asset_type

asset_id(s)

modify_schedule

Schedule modified.

asset_type

asset_id(s)

update_schedule_data_connection

Schedule data connection updated.

asset_type

asset_id(s)

Plans

Event

Description

Additional Metadata

create_plan

Plan created.

assetId

planName

delete_plan

Plan deleted

assetId

planName

Email_Task_Added

Email task added to a Plan.

assetId

planName

HTTP_Task_Added

HTTP task added to a Plan.

assetId

planName

Email_Task_Recipient

Recipients added/deleted from an email task (To, CC, BCC).

assetId

planName

HTTP_Task_Edited

Configuration of an HTTP task in a plan edited.

assetId

planName

rename_plan

Plan renamed.

assetId

planName

assetId

initiatedFrom

share_access_plan

Plan shared. As a successful event is considered only plan shared, not dependencies.

assetId

planName

shareeUserId

shareeEmail

permissionType

export_plan

Plan exported.

assetId

planName

import_plan

Plan imported.

assetId

planName

transfer_owner_plan

Plan ownership transferred to another user.

assetId

planName

planOldOwner

planNewOwner

Plan_Output_Download

Output downloaded as part of a plan .

assetId

planName

Auto Insights

Event

Description

Additional Metadata

mission.created

Mission created

name

ulid

mission.sent

Mission sent

name

ulid

mission.deleted

Mission deleted

name

ulid

mission.subscription.created

Mission subscription created

name

ulid

mission.subscription.deleted

Mission subscription deleted

name

ulid

report.created

Report created

name

ulid

report.published

Report published

name

ulid

report.sent

Report sent

name

ulid

report.downloaded

Report downloaded

name

ulid

report.deleted

Report deleted

name

ulid

report.subscription.created

Report subscription created

name

ulid

report.subscription.deleted

Report subscription deleted

name

ulid

playbooks.scenarios.synthetic.generate

Generate list of Playbooks use cases from scenario.

aaiService, sessionID

playbooks.reports.synthetic.generate

Generate list of Playbooks Reports using synthetic data.

aaiService, reportID

playbooks.reports.byo.generate

Generate list of Playbooks Reports using Dataset X.

aaiService, reportID

playbooks.scenarios.byo.generate

Generate list of Playbooks use cases on Dataset X.

aaiService, sessionID

Autenticación

Clave de evento

Descripción del evento

Campos de metadatos adicionales

create_oauth_token

Crear token de API OAuth 2.0 por el usuario <userId> en el espacio de trabajo|cuenta <workspaceId>|<accountId>.

create_session

La sesión <sessionId> fue creada en la ubicación <location> usando <browser>.

create_static_api_token

Crear token de acceso por el usuario <userId> en el espacio de trabajo|cuenta <workspaceId>|<accountId>.

create_user

Crear usuario <email>.

delete_oauth_token

Eliminar el token de API OAuth 2.0 <tokenId> en el espacio de trabajo|cuenta <workspaceId>|<accountId>.

delete_static_api_token

Elimina el token de acceso <tokenId> del espacio de trabajo <workspaceId>|<accountId>.

export_status_rescan_domain_trigger

Se activó el reescaneo del dominio de estado de exportación.

emailDomain

export_status_rescan_login

El estado de exportación de un usuario se volvió a escanear durante el inicio de sesión.

exportStatus

export_status_rescan_trigger

Se activó el reescaneo del estado de exportación.

export_status_update

El estado de exportación de un usuario se actualizó mediante el evento Amber Road.

exportStatus, updatedStatus

force_reset_password

Fuerza al usuario <userId> a restablecer la contraseña al iniciar sesión.

reset_password

Restablece la contraseña para el usuario <userId>.

revoke_oauth_token

Revocar el token de API OAuth 2.0 <tokenId> en el espacio de trabajo | cuenta <workspaceId>|<accountId>.

revoke_session

Revoca la sesión <sessionId> del usuario <userId>.

create_ip_list

Crea lista de IP para la cuenta <accountId>.

create_sso_config

Crea configuración de SSO en el espacio de trabajo|cuenta <workspaceId>|<accountId>.

update_sso_config

Actualiza la configuración de SSO en el espacio de trabajo|cuenta <workspaceId>|<accountId>.

update_ip_list

Actualiza la lista de IP para la cuenta <accountId>.

existingIpAddresses, updatedIpAddresses

update_password

Actualiza la contraseña de usuario <userId>.

update_user

Actualiza el usuario <userId>.

validate_one_time_passcode

Valida el OTP para el correo electrónico <email>.

Autorización

Clave de evento

Descripción del evento

Campos de metadatos adicionales

add_group_role

Agrega rol [roleId] al grupo [groupId].

objeto de grupo, [user objects], [role objects]

add_group_user

Agrega el usuario [userGid] al grupo [groupId].

objeto de grupo, [user objects], [role objects]

asset_transfer_event

La propiedad de <assets> se transfirió a PersonId-<PersonId> PersonEmail-<personEmail>.

assets, toPersonId, toPersonEmail

assign_role

Asigna el rol <roleId> a los usuarios <userIds> en el espacio de trabajo <workspaceId>.

create_role

Crea un rol <roleName> en el espacio de trabajo <workspaceId>.

disable_scim

Conexión de SCIM deshabilitada por [email].

disable_user

Deshabilita el usuario <personId> en el espacio de trabajo <workspaceId>.

enable_user

Habilita al usuario <personId> en el espacio de trabajo <workspaceId>.

generate_scim_token

Token SCIM generado por [email].

invite_user

Invita al usuario <email> al espacio de trabajo|cuenta <workspaceId>|<accountId>.

reinvite_user

Vuelve a invitar a los usuarios <personIds> a la cuenta <workspaceId>|<accountId>.

remove_group_role

Quita el rol [roleId] del grupo [groupId].

group object], [user objects], [role objects]

remove_group_user

Quita usuario [userGid] del grupo [groupId].

group object], [user objects], [role objects]

remove_user

Se eliminaron los usuarios <personIds> de la cuenta <accountId>.

o

Se quitaron los usuarios <personIds> del espacio de trabajo <workspaceId>.

revoke_role

Desasigna el rol <roleId> del usuario <userId> en el espacio de trabajo <workspaceId>.

create_group

Agrega el usuario [email] al grupo [groupId].

delete_group

Quita el usuario [email] del grupo [groupId].

enable_scim

Conexión SCIM habilitada por [email].

update_group

El nombre para mostrar del grupo cambió a [name].

update_role

Actualiza el rol <roleId> en el espacio de trabajo <workspaceId>.

Administración de espacios de trabajo

Clave de evento

Descripción del evento

Campos de metadatos adicionales

add_workspace

Crea un espacio de trabajo con nombre <name> y cantidad máxima de usuarios <max_user_number> para billingAccountId <accountId>.

o

Crea un espacio de trabajo con nombre <name> y cantidad máxima de usuarios <max_user_number> para el nivel <tier>.

delete_workspace

Elimina el espacio de trabajo <workspaceId>.

update_workspace

Se actualizaron los detalles del espacio de trabajo, cambiando el nombre a <name> y la cantidad máxima de usuarios a <maxUserNumber> para el workspaceId <workspaceId> y el billingAccountId <accountId>.

workspace_setting_change

Actualizar la configuración en el espacio de trabajo <workspaceId>:<configurationName>.

configurationName, configurationValue, workspaceName

En esta sección: