Service Automation – Auditing
An important part of Service Automation is recording all the actions you perform. This is particularly true for a module like Service Automation within Tools4ever’s Identity & Access Management (IAM) solution HelloID, where initiated actions are often exceptions to the rules or carried out manually. This way, you have a conclusive log file, which means you are optimally prepared for audits and pass them without any problems.
Not every application records all actions you perform in a log file by default. The Service Automation module does and that means it offers great insights. For instance, HelloID records all actions starting from so-called products or Delegated forms in a log file. The same applies to any approval workflows.
HelloID records a variety of data in log files. These include:
- What happened?
- When did it happen?
- Who was involved in an action?
- Where was the action performed?
- Where was the action initiated from?
Working with extensive logging offers significant advantages. It allows you to trace in detail which actions were performed and why. This information not only makes it easy to generate the required reports but also enables you to provide clear insights into actions taken, should that prove necessary during audits.
The information is accessible in two locations within Tools4ever’s IAM solution. All those involved in a request can view detailed information in the user interface of HelloID Service Automation. This includes details about workflows, the status of requests, and product statuses.
The results of actions from products and Delegated forms can also be viewed via the HelloID Service Automation interface. We capture this information in Elastic Reporting, which allows us to analyse the information more extensively and provide comprehensive overviews. Let’s take a deeper look at the capabilities of both options.
In this article
- Viewing audit information via HelloID Service Automation
- Access via Elastic Reporting
- Centralising all logging information
Viewing audit information via HelloID Service Automation
HelloID provides access to a variety of audit and logging information via its user interface. This includes information related to requesting products and reviewing such requests.
The IAM solution offers employees, managers and/or product owners insights into approval workflows, the status of these workflows and their outcomes. Convenient, because this ensures that everyone involved in the process can immediately see where a request is within the workflow and what actions are required to complete it. In this way, HelloID delivers transparency while simultaneously creating an audit trail for every request.
Administrators can also view information based on a specific request and/or product. They gain insight into pending requests and, if necessary, can intervene manually to ensure the smooth progression of each request. For example, an application can get ‘stuck’ in the approval process due to unforeseen circumstances. Think of instances like the approver leaving the organisation, or changes in the process after a product request has been submitted. Naturally, HelloID also logs all actions administrators take to manage such situations.
In short, the user interface of HelloID’s Service Automation module offers extensive insight into detailed information about all (historical) requests for specific products, including approvals and rejections. Additionally, log files make information about actions performed for each product or Delegated form accessible.
Access via Elastic Reporting
Would you like a complete overview of all actions performed, regardless of the related processes? HelloID provides this overview using Elastic Reporting, which allows you to view the full audit log. This is an external tool, in which the IAM solution collects logging information.
Elastic Reporting can also present all collected audit information in an insightful way. Among other things, you can use a series of predefined reports. Do these not sufficiently match your needs? Then you can also create your own customised reports or other tailored overviews in order to provide specific insights.
The main difference between Elastic Reporting and the insights provided by HelloID through its own interface is that Elastic Reporting also captures the output actions of Delegated forms and product requests. In addition to this, unlike the HelloID interface, Elastic Reporting includes information related to all requests. This provides you with insight into all actions performed within HelloID Service Automation.
Centralising all logging information
In addition to the Service Automation module, HelloID’s other modules also capture all relevant log information in Elastic Reporting. These include the Provisioning and Access Management modules, as well as the Governance module available since Q3 2024.
Do you also use other systems such as a centralised logging system, Security Operations Centre (SOC) or Security Information and Event Management (SIEM) solution to collect information in log files? Elastic Reporting allows such external logging to be retrieved from other systems and imported. In doing so, you use Elastic Reporting’s API.
Getting started
Would you like to know more about HelloID Service Automation? Learn more about this module and its features here. Do you have any questions? Get in touch with us!
Written by:
Maikel Baars