# Admin console settings

Today, the admin console settings page allows partners to control the audit log replication setting across customers with a single setting.

The audit log streaming feature allows partners to stream all your customers’ audit log activity including job history, recipe step details and user activity to a log provider. This feature is an add-on, please contact your Workato representative to learn more or to enable it.

Once enabled, Workato will create a JSON file for each job and event in your customer accounts and store this to your provider of choice via HTTP POST method.

# Audit log streaming

Audit log streaming Audit log settings in the Admin Console

Audit log streaming allows partner to store audit events from all customer accounts as well as their own admin accounts to a single destination with a one-time setup.

Audit events include:

  • Job summary
  • Job details
  • User activity (logins, team switch, asset creation/edit/deleted etc.)

# JSON file details

Workato creates a JSON file for each event. The file path and name format are as follows:

Item Description
path user_id/jobs/recipe_id/YYYYMMDD/formatted_job_id/

formatted_job_id is the job id expanded in to a 21 digit number(left padded with 0s) and split in to 3 character fragments separated by /.

Eg: Job id 100 is formatted as 000/000/000/000/000/000/100
name user_id-recipe_id-job_id-YYYYMMDDHHMMSS-status.json

status is the job completion status: succeeded or failed

Eg: 5234-234-100-20180521000000-succeeded.json

Eg: 5234/jobs/234/20180521/000/000/000/000/000/000/100/5234-234-100-20180521000000-succeeded.json

The audit log JSON format can be customized to different format to suit your needs. For example, you may need to include source application (for example, Workato) so that the event log are automatically processed in the destination application.

In the Customize log message section, you can create the custom log message and include the audit log event in a specific JSON format. The is the placeholder that Workato uses to substitute the actual audit log event message in JSON format.

  "source": "workato",
  "environment": "staging",
  "hostname": "workato_cloud",
  "logEntries": {{log_message}}


If the JSON is invalid or does not contain the placeholder, then Workato will send the default log message without any customization.

# Identifying customers from JSON files

For all log files related to job details, the JSON file will include the user_id and user_external_id parameters in the context block. These 2 IDs refer to the Workato customer ID and the partner-provided external ID for the customer.

Audit log streaming Sample JSON from a job event

For all log files related to user activity, the JSON file will include the id and external_id parameters nested in the user and team. The IDs in the team block refers to the customer account, while the IDs in the user block refer to the specific customer team member who performed the action.

Audit log streaming Sample JSON from a user activity event

If the partner did not provide any external ID while creating the customer or customer team member, the external_id value will be "null".

# Set unique audit log destinations

Partners can provide audit log replication configuration on each customer individually. The setting is available in each customer accounts' settings page as long as the master setting (described above) is turned off. Hence, the master setting on the admin console cannot be used if each customer should have their own audit log destination.