An audit trail (also called audit log) is an immutable record that keeps track of administrative actions performed in the system, such as important changes to course completion or enrollment status. The Audit Trail report provides evidence of a sequence of activities that have affected specific operations, procedures, or events, and it is useful to allocate the appropriate accountability in case of incidents, specifically pertaining to compliance. The Audit Trail app makes the platform CF21 chap. 11 compliant.
Activating the App
To activate the app, access your Admin Menu from the gear icon in the top right corner of your platform, then press the Add New Apps at the top of the menu. On the next page, reach the Docebo Additional Features tab, then find the Audit Trail & 21 CFR Part 11 app in the list. Press the Contact Us button in the app’s row. Fill out the proper form using the Communication Center, then Docebo will contact you regarding the activation of the app.
Creating Audit Trail Reports
To create a report, access the Admin Menu, then press the Reports item in the E-Learning section. On the main Reports page, press the Create Custom Report button. In the pop-up box, provide a name for the report, then flag the option to create an Audit Trail report. Press Next.
Choose the users to include in the report, selecting them from the Users, Groups or Branch tab. The system can keep multiple selections among tabs. You can also run a report on all registered users, if necessary. Note that when you select users in an Audit Trail Report, you are selecting the administrative users who performed the specified action(s) instead of the acted upon users. For example, if you later choose the event User has been created (by administrator), you select the administrators who created the users and not the created users. Press Next to proceed.
Select the courses you want to include in the report. You can choose specific courses or all the available courses. Press Next and select the data you want to see in the report, browsing among different event categories:
- Power Users. Data regarding seat allocation and purchase.
- Courses. Data regarding changes and deletion of courses and sessions, training material, etc.
- Learning Plan. Data regarding the creation, update, or deletion of learning plans.
- Custom Reports. Data regarding the creation, deletion and publishing of reports.
- User Management. Data related to user creation, deletion, suspension, and management.
- Enrollments. Data regarding the courses where users have been enrolled or unenrolled.
- Subscription Plan, Bundle, Record and Seat Association. Retrieve data related to Subscription Plans.
- Theme Management. Data regarding the change of the theme of the platform. This event can be tracked for both single domains as well as subdomains created with the Extended Enterprise App.
- Query Report. Data regarding the actions made on reports by the Query Builder in order to manually create reports extracting data directly from the database. This functionality is available only on demand.
For a full list of events that can be used in the audit trail report, refer here.
Press Next to continue and select how data will be ordered in the report using the Order By dropdown menu. Press Next again and select whether you want to schedule the report, view it, or save it.
Managing Audit Trail Reports
Once you’ve created an Audit Trail report, it will be listed on the main Reports page in your platform. A row dedicated to every report shows the report name, its author and creation date, the report visibility and whether the report is scheduled. Click on the magnifying glass icon at the end of the row to view the report, and on the download icon to export it in CSV, XLS or HTML format. From the ellipsis icon menu, you can schedule, edit or delete the report.
By default, audit trail reports are private reports. Private reports are only visible to the owner of the report and to all Superadmins.
Events for the [GET] /manage/v1/trails API
For those using the [GET] /manage/v1/trails API for the Audit Trail app, refer to this document for a full list of events that can be included in the API.
Tips & Tricks
You should refrain from creating a single Audit trail report containing all the events. It’s better to have a single report for each category and limit time period in order to ease readability and use of the report itself.