Audit Logs Report

Audit logs are fundamental to detecting unlawful data usage and responding to data breach vulnerabilities. Audit logs are produced by each product team and gathered in Talkdesk’s data platform.

These are the available filters in the Audit Logs Report:

  • Date.
  • Operation.
  • Timezone.

The audit logs report has the following information available for extraction:

Recordings:

  • Consult what recordings are available and their metadata.
  • Listen to a recording media file.

Ring groups:

  • Consult ring groups content.
  • Add, update or remove a user ring group.
  • Update the team ring group’s.
  • Create a UC phone ring group.

Agents (users):

  • Consult a user list.
  • Consult a specific user.
  • Create, update or delete a user.

Phone numbers:

  • Consult regulatory information.
  • Consult number details.
  • Consult number lists.
  • Search, import or modify a number.
  • Purchase or release a number
  • Add, delete or update a number.
  • Add, consult or update orders and order lists.

Access Control List (ACL):

  • Create, remove or update roles.
  • Add or remove features from the ACL.
  • Create or remove ACL permissions.

Talkdesk ID:

  • Failed login attempts.
  • Create, remove or update OAuth Client.
  • Create, remove or update OAuth Client keys.
  • User session created or revoked.
  • Create or update password policies.
  • Reset or change user password.
  • Register or remove multifactor authentication (MFA).

Billing:

  • Account credit card added.
  • Auto recharge updates.
  • Billing contacts updates.
  • Buy licenses.
  • Credits added.

Usage: The structure of the Audit logs report will have the following format:

Field nameDescriptionTypeCan be emptyExample
Actor IDID of user or system.StringYesd39de99b-f492-46c3-9618-950be55c7f2c
Generator NameIdentification of the affected system. Pre-defined list of all Talkdesk systemsStringYesTALKDESK-ID
IP AddressesList of Strings with the IP address of the component producing the eventStringYes[8.8.8.8,10.0.0.1]
OperationUse case of the action being executed on the resourceStringNoPassword Recovery
Platform Tid (Talkdesk Identifier)The TID is the Talkdesk platform tracking identifierStringYesd39de99b-f492-46c3-9618-950be55c7f2c
Resource IDThe resource ID that identifies the resource being operated on. This could be the Talkdesk Resource Identifier (TRI) if it existed, or a URIStringYes/session/revoke
Operation StatusSUCCESS, FAILStringYesSUCCESS
User AgentUser agent responsible for the requestStringYesChrome/64.0.3282.167
TimestampIISO8601 timestamp string with milliseconds precision in UTCTimestampNo2017-09-11T20:29:04.123
User IDAgent’s identification number usedStringYesd39de99bf49246c39618950be55c7f2c
Agent NameAgent’s identification number usedStringYesName Surname
Agent EmailAgent’s emailStringYes[email protected]

Available operations: The operations available for extraction in the Audit Logs report are:

Audited systemsAvailable operationsDescription
Recordingsread_call_recordingsConsult the list of a call’s recordings
read_recording_media_fileListen a call recording
read_recordingConsult a specific call recording’s metadata
Ring groupsread_ring_groupsConsult list of all ring groups
update_user_ring_groupsUpdate the ring groups associated to the user
read_team_ring_groupsConsult ring groups from a specific team
assign_users_ring_groupsAssign multiple ring groups to multiple users
unassign_users_ring_groupsUnassigned multiple ring groups from multiple users
read_ring_group_usersConsult the list of users assigned to a ring group
update_team_ring_groupsUpdate the ring groups associated to a team.
create_uc_phone_ring_groupCreate a UC Phone Ring Group.
Agents (users)read_core_userConsult an agent/user
update_core_userUpdate an agent/user
read_core_user_listConsult an agent/user list
create_core_userCreate an agent/user
delete_core_userDelete an agent/user
Phone numbersIMPORT_NUMBERImport a number
RETRIEVE_REGULATORY_INFOConsult regulatory information
SEARCH_NUMBERSearch for a number
RELEASE_NUMBERDeletion of a number
MODIFY_NUMBERChange number friendly name
RETRIEVE_ORDERSRetrieve order list
PURCHASE_NUMBERPurchase a number
PLACE_ORDERPlaced an order
REQUEST_ASSET_LINKRequest download link
UPDATE_ORDERUpdated an order
ADD_OR_UPDATE_NUMBERAdd or update number entity
RETRIEVE_NUMBER_LISTConsult a number list
REMOVE_NUMBERDeletion of a number
RETRIEVE_DATA_LOOKUPRequest a data look up
RETRIEVE_ORDER_LISTConsult an order list
RETRIEVE_NUMBER_DETAILSConsult number details
ADD_OR_UPDATE_ORDERAdd or update order
Access Control List (ACL)role_updatedACL role entity updated
role_createdACL role entity created
role_deletedACL role entity deleted
acl_feature_addedFeature added to the ACL
acl_feature_removedFeature removed from the ACL
acl_permission_addedPermission added to the ACL
acl_permission_removedPermission revoked from the ACL
acl_role_updatedACL role updated. Added to a user, tenant or realm
acl_role_users_updatedACL user roles updated
Talkdesk-idip_ranges_allowlist_updatedIP allowlist was updated
login_attemptUser login attempt failed
mfa_mechanism_registeredA MFA mechanism was registered for a user
mfa_mechanism_removedA MFA mechanism was removed from a user
oauth_client_createdAn OAuth client was created
oauth_client_editedAn OAuth client was altered
oauth_client_revokedAn OAuth client was removed
oauth_client_key_createdAn OAuth client’s public/private key pair was created
oauth_client_key_revokedAn OAuth client’s public/private key pair was removed
oauth_client_redeem_authorization_codeAuthorization code was consumed/redeemed as part of user OAuth flows (example, login)
oauth_client_secret_regeneratedAn OAuth client’s secret was regenerated
password_policies_createdAccount’s password policies were created (part of account provisioning)
password_policies_updatedAccount’s password policies were altered
tenant_createdCustomer account was created
user_authentication_settings_updatedUser account’s authentication settings were altered (example, mandatory 2FA setting enabled)
user_issue_authorization_codeAuthorization code issued as part of user OAuth flows (example, login)
user_password_changedUser password was updated via change password user flow
user_password_resetUpdate the user password after complete forgot password flow
user_resend_invitationUser invitation email was sent again due to resend request
user_session_createdUser session was created (example, on login)
user_session_revokedUser session was revoked (example, on logout)
Billingadd_account_credit_cardAccount credit card was added
add_creditsNew credits were added
buy_licensesNew licenses were purchased
update_auto_rechargeAuto recharge was updated
update_billing_contactsBilling contacts were updated