Audit trail

Audit trail provides access to a history of all executed events and procedures on your system. This provides insight into systems information and system integrity and is used for many reasons including compliance, records of change to system including user access, investigation into anomalous system or user behavior and more.

The following actions are logged as part of the audit trail:

• Authentication events (Success & Denied) for system access points (Qlik NPrinting Web Admin, NewsStand, API)
• Qlik NPrinting web administration system configuration

  (Create, update and delete events for Qlik NPrinting entities and settings. This includes events from import functions for users and filters, Qlik NPrinting 16 projects and Qlik NPrinting reports.)

• Qlik NPrinting report execution outcome (Who, Where)
  Inclusive of scheduled and On-Demand reports
• NewsStand events

Installed files

Qlik NPrinting audit database

A separate dedicated database for audit logging is created with Qlik NPrinting Server. This database is created by default with a dedicated user and a randomly generated password. The database is deleted when Qlik NPrinting is uninstalled, so the data needs to be exported before uninstalling if you want to maintain the archive.

Qlik NPrinting audit service

The Qlik NPrinting audit service is installed with Qlik NPrinting Server. The service must be active to write logs to the Qlik NPrinting audit database. The service writes errors to the log file located in %PROGRAMDATA%\NPrinting\Logs\nprinting_audit.log if it fails to write data to the database.

Using the Audit trail

Audit trail logs are consumed via the public REST API https://ServerName:4993/api/v1/audit/logs that provides data as text files separated by tabs.

Do the following:

1. Open the Qlik NPrinting web console in your browser.

2. Log in as a user that has a role with Audit rights.

   See: Managing roles

3. Insert the name of your server in https://ServerName:4993/api/v1/audit/logs then paste it in your browser.

   A text file will start downloading. Each field will be in a different tab.

4. You can open the file in a text editor, import to Excel, or upload it to a Qlik Sense app.

Filtering Audit trail data

Audit trail data can be filtered via API by:

• date

• app id

• user id

• target

• target id

• data type

The resulting CSV contains only filtered rows. All fields are string types. Fields names are case sensitive.

Logged events

Here are some of the event types that are logged:

• Audit Windows service events

• Authentication and security events

  • Authentication

  • Permissions

  • Password reset

• Conditions events

• Connection events

  • Connection creation

  • Cache reload

  • Connection deletion

• Engines events

• Licenses events

• NewsStand events

  • NewsStand reports events

  • Subscription events

• Publish tasks and On-Demand events

• Report distribution events

  • Reports published on the NewsStand

  • Reports published to folder

  • Reports published to Qlik Sense hub

  • Reports send via email

• Users events

Output file

The output file contains the following information: