Contents of audit log entries

This information is collected for entries in the audit log. Some fields in an audit log entry may be empty. This occurs when the information is not relevant to the logged transaction or when it is not possible to retrieve the information.

Field Description
Security GUID A unique GUID value used to identify the audit log entry.
Tenant ID The ID of the tenant in cloud deployments. Conforms to the Infor tenant ID specification.
Session ID The ID of the session where the transaction was initiated.
User Identity

The identity of the user that performed the action. The WBU_IDENTITY2 column is used in environments where Workforce Management is integrated with Infor OS Portal. In other environments, the WBU_NAME column is used.
wfmAsAnotherUserIdentity When a logged action is performed by a user who is proxying another user, this field contains the identity of the user being proxied. Otherwise, this field is empty. This field uses the same columns to identify users as the User Identity field.
Transaction Name The URL for the maintenance form or API request that performed the query.
Severity The severity of the transaction. These are the possible severity levels:
  • CRITICAL for events that are critical to security because they should not happen in a normal product configuration. For example, when an admin maintenance form is accessed by a user that is not a member of the SYSTEM ADMIN security group. This includes when a SYSTEM ADMIN user is being proxied by a user that is not a member of the SYSTEM ADMIN group.
  • HIGH for events that you may want to review for security reasons, but that occur during the normal use and configuration of the product. For example, when an admin maintenance form is accessed by a user that is a member of the SYSTEM ADMIN security group.
  • MEDIUM for normal events. These events are logged for information purposes.
Event Type The type of event that was logged.
Outcome The result of the transaction: SUCCESS for successful transactions or FAILED for transactions that were rolled back.
User Group A list of security groups that the user that performed the action belongs to.
WFMQuery The SQL query.