Event log

The event log provides a record of user actions in Community. It helps you ensure that your data is being accessed and managed appropriately.

Note: You must be an Admin user to access the event log.

The event log keeps a chronological record of select user actions. The event log does not contain personally identifiable information (PII). It records the creation, modification, and deletion of user-accessible entities including user and member accounts, profile variables, and data exports. The event log also records access to sensitive personal data. For each logged event, the system provides the associated user ID, date and time.

The following table describes the events the event log records.

Platform Signing in to the Alida platform.
User Adding, updating, or deleting user accounts in Settings > Manage Users.
Member Viewing or updating member records in Community > Members.
Members Viewing groups in Community > Member Groups, exporting member groups, and downloading the exports.
Metric

Exporting the following categories of data:

  • Community > Members > Export Profile Data (Community Profile Export)
  • Member Reward Export
  • Member Participation Data Export
Activity
  • Deleting any activity type.
  • Adding or updating reward assignment values in Projects > Activities.
  • Recording activity associated with third party sample (external audience) activities.
ProfileVariable Adding or updating profile variables in Community > Profile Variables
Dataset Creating, duplicating, and syncing datasets in the Analytics app, and syncing custom fields.

Who is the event log for?

The event log is for Admin users who either handle security and compliance or privacy issues for your company, or provide the necessary information to those that do. The information captured by the event log records the date and time when events occurred and answers questions, such as:

  • Who logged in?
  • Who is accessing member data?
  • Who is exporting and downloading data?
  • Who made chances to a user account?
  • Who accessed sensitive personally identifiable information (PII) of members?
  • Who is adding or updating profile variables?

Mitigating operational risk

If your organization identifies a breach where unauthorized access to the system may have occurred and sensitive data may have been compromised, you can use the event log to reconstruct what occurred and what sensitive information, if any, was accessed during the incident. For example, you could investigate the actions of a particular user in the system if their account is identified as suspicious.

Mitigating contractual risk

If your organization is contractually obligated to meet specific privacy or security requirements, such as HIPAA for health information, you can use the event log to meet the requirements you are subject to. For example, you can review the event log regularly to ensure that actions are only being performed by users authorized to do so.