Security event log

The event log records events related to the adding, deleting, and changing of user permissions, which helps carry out security audits. The event log is compatible with all database servers supported by ABBYY FlexiCapture: Microsoft SQL Server, Azure SQL, Oracle, and PostgreSQL.

The logging of security events is disabled by default. This feature can only be enabled by the system administrator directly in a FlexiCapture database. To enable logging:

  • For the default tenant:
    Add the following to the Settings table of the FlexiCapture database:
    [db_name].[dbo].[Settings]
    Name = LogSecurityEvents
    Value = True
    TenantId = Null
  • For custom tenants:
    Turn on second bit in the value of the Flag field for the tenant's record in the Tenant table. For example, you can use 'Update Tenant set Flags = Flags | 2 where Id = NNN;' statement for MS SQL.

Once the logging of security events has been enabled, they are recorded in the dbo.SecurityEventLog table in the ABBYY FlexiCapture database. The following events are logged:

  • UserCreated = 0,
  • UserDeleted = 1,
  • GroupCreated = 2,
  • GroupDeleted = 3,
  • PermissionAdded = 4,
  • PermissionDeleted = 5,
  • AddToGroup = 6 (user added to group),
  • RemoveFromGroup = 7 (user removed from group),
  • UserPasswordChanged = 8,
  • GroupModified = 9 (permissions/membership modified),
  • UserPasswordReset = 10,
  • TenantCreated = 11 (tenant created), 
  • TenantDeleted = 12 (tenant deleted), 
  • ProjectDeleted = 13 (project deleted), 
  • ProjectChanged = 14 (project changed),
  • BatchTypeCreated = 15 (batch type created), 
  • BatchTypeDelete = 16 (batch type deleted), 
  • BatchTypeChanged = 17 (batch type changed), 
  • TemplateCreated = 18 (document definition created), 
  • TemplateDelete = 19 (document definition deleted), 
  • TemplateChanged = 20 (document definition changed),
  • ProjectHotFolderEnable = 21 (project hot folder enabled), 
  • ProjectHotFolderDiable = 22 (project hot folder disabled), 
  • ManualCleanUpStart = 23 (manual cleanup started), 
  • CleanUpEnable = 24 (automatic cleanup enabled), 
  • CleanUpDisable = 25 (automatic cleanup disabled), 
  • AuditingConfigurationChanged = 26 (security event log configuration changed).

Every event logged in dbo.SecurityEventLog is identified by the SecurityEventTypeId attribute (values listed above). Moreover, each event can have the following additional attributes:

  • Date (the date and time of event),
  • Writer (the user that made the change),
  • WriterTenantId (the ID of the tenant of the user that made the change),
  • Principal (the ID of the user/group affected by the event),
  • TenantId (the ID of the tenant that the affected user/group belongs to),
  • Details (additional information about the event),
  • RemoteHost (the IP address of the computer used to make the change).

12.09.2022 16:37:50

Please leave your feedback about this article

Usage of Cookies. In order to optimize the website functionality and improve your online experience ABBYY uses cookies. You agree to the usage of cookies when you continue using this site. Further details can be found in our Privacy Notice.