Digital Hive Auditing Explained

Digital Hive Auditing Explained

Question

The Digital Hive Control Center doesn't seem to provide any reports or views around usage of the platform. Is there a way to create reports to show metrics like the amount of reports executed by platform, the number of searches being made, who is accessing Digital Hive (and when)?

Answer

Currently, as of release 2.1, there are no default out of the box reports or metrics provided within the Digital Hive Control Center. (this is a roadmap item that slated for a future release)

As part of the Digital Hive solution, an auditing facility exists that tracks various aspects of Digital Hive usage. The usage details are persisted in the Digital Hive embedded PostgreSQL Content Store database.
The challenge around default reports is that different administrators may want to monitor different metrics, or apply very specific filters to these metrics. This makes it very difficult to provide out of the box audit metrics that will cater to everyone. To help alleviate this challenge, Digital Hive focused on making it easy to consume the audit metrics so that they can be easily leveraged through all Business Intelligence platforms.

The audit information can all be accessed through 5 underlying views in the Digital Hive database within the PostgreSQL Content Store.


These views contain the following types of audit data:

theia_audit_admin: Records usage activities within the Digital Hive Control Center
theia_audit_page_views: Contains the usage metrics around Hive and Page views
theia_audit_search_queries: Tracks the search queries that users are executing
theia_audit_ui_interactions: Captures when and how users interact with the content and Hive objects
theia_audit_user_auth: Contains details associated with the authentication process

Each view contains a different set of columns that provide the context required to gain insight into what's happening within the Digital Hive application.

Administration Activities

The theia_audit_admin view is built using the following columns:



  1. id - Unique ID not leveraged for reporting
  2. details - Provides clarity on the operation when there is some additional context available (may be null based on the operation type)
  3. object_name - Name of the impacted object. This is the name provided to the object in Digital Hive
  4. object_type - Specifies what type of object was part of the operation
  5. operation - This is the user operation that is being recorded. This view has operations of Access Admin, Create <object>, Modify <object>, or Delete <object>
  6. result - Displays whether the operation was a SUCCESS or resulted in an ERROR
  7. session_id - This is a unique value that is assigned for a users' session. This would be the column to join on when trying to see what actions a user performed during a particular session
  8. timestamp - Date and time of when the operation occurred
  9. username - The user that performed the operation


Hive Usage

The theia_audit_page_views view is built using the following columns:



  1. id - Unique ID not leveraged for reporting
  2. username - The user that performed the operation
  3. operation - This is the user operation that is being recorded. This view has operations of View Hive Page
  4. operation_time - When the page was viewed
  5. login_time - When the user's session was established
  6. hive_name - Name of the Hive that was accessed
  7. page_name - Name of the Page that was viewed
  8. session_id - This is a unique value that is assigned for a user's session. This would be the column to join on when trying to see what actions a user performed during a particular session
The theia_audit_search_queries view is built using the following columns:



  1. id - Unique ID not leveraged for reporting
  2. username - The user that performed the operation
  3. operation - This is the user operation that is being recorded. This view has operations of Search
  4. operation_time - When the search was executed
  5. login_time - When the user's session was established
  6. hive_name - Name of the active Hive when the search was performed
  7. page_name - Name of the active Page when the search was performed
  8. session_id - This is a unique value that is assigned for a user's session. This would be the column to join on when trying to see what actions a user performed during a particular session

User Actions

The theia_audit_ui_interactions view is built using the following columns:



  1. id - Unique ID not leveraged for reporting
  2. username - The user that performed the operation
  3. operation - This is the user operation that is being recorded. This view has operations of Launch Artifact, Alter Review, Alter Global Tags, View Hive Page, Alter My Tags, Interact Link, Delete Review
  4. artifact_path - Path of the object manipulated in the operation
  5. connector_name - Specifies what connector the object comes from
  6. details - Provides clarity on the operation when there is some additional context available (may be null based on the operation type)
  7. operation_time - When the action was performed
  8. login_time - When the user's session was established
  9. hive_name - Name of the active Hive when the action was performed
  10. page_name - Name of the active Page when the action was performed
  11. event_origin_type - Where the action originated from. Origin types can be null, storyboard, embed, folder browser, initial, navigation, viewer siderbar (current folder), viewer siderbar (recommendations)
  12. session_id - This is a unique value that is assigned for a user's session. This would be the column to join on when trying to see what actions a user performed during a particular session
  13. window_width - Window resolution width
  14. window_height - Window resolution height
  15. page_x - Telemetry data of page coordinates
  16. page_y Telemetry data of page coordinates
  17. mouse_x - Telemetry data of mouse coordinates
  18. mouse_y Telemetry data of mouse coordinates

User Authentication

The theia_audit_user_auth view is built using the following columns:



  1. id - Unique ID not leveraged for reporting
  2. action - This is the user operation that is being recorded. This column has actions of Logon, Logoff, connector_logon, and Session_timeout
  3. details - Provides clarity on the operation when there is some additional context available (may be null based on the operation type)
  4. result - Displays whether the operation was a SUCCESS or resulted in an ERROR
  5. session_id - This is a unique value that is assigned for a users' session. This would be the column to join on when trying to see what actions a user performed during a particular session
  6. timestamp - Date and time of when the operation occurred
  7. username - The user that performed the operation

When a user attempts to authenticate into Digital Hive, if the username and password were valid, the user will be authenticated, and an audit entry will be recorded. In addition to that audit record, additional records will be created for the authentication attempts into the different connectors that the user has a credential for. 




If the authentication fails due to invalid credentials, the user will receive a generic failed authentication message in the UI, and an audit record will be created. 

Data Models and/or packages, which can be leveraged or used as an accelerator, have already been created for some BI platforms. Please send an email to support@digitalhive.com for a list of available content.

For more information about connecting BI solutions to the Digital Hive audit database, please consult these KB documents:


    • Related Articles

    • Connecting PowerBI to Digital Hive Audit Data

      Question The Digital Hive Control Center doesn't seem to provide any reports or views around usage of the platform. Is there a way to create reports to show metrics like the amount of reports executed by platform, the number of searches being made, ...

    • Digital Hive Load Balancing

      Question Due to the number of users and the critical nature of the BI reports, it is desirable to introduce more capacity into the Digital Hive environment. Can Digital Hive be installed across multiple servers? Answer Digital Hive can be installed ...

    • Digital Hive Architecture Overview

      Overview Digital Hive is a lightweight, web-based application that is both easy to install as well as to maintain and manage. Other than the Microsoft C++ redistributable (https://www.microsoft.com/en-ca/download/details.aspx?id=40784), there are no ...

    • Digital Hive Logging

      Question Is there any logging available to help troubleshoot issues? Answer Digital Hive has several types of log files available for troubleshooting issues. Here are the various Digital Hive log files and what they contain. Theia Log This is the ...

    • Installing the Digital Hive Software

      Question How do you install Digital Hive? Answer Digital Hive can be installed in Windows or Linux environments. Installing Digital Hive on Windows Prerequisites for installing Digital Hive on Windows Microsoft® Visual C++ 2013 runtime library ...