# Admin console settings
The Admin console settings page lets partners control audit log replication across customer accounts by configuring a single setting.
The audit log streaming feature enables partners to stream their customers’ audit log activities, including job history, recipe step details, and user activity, to a log provider. This feature is an add-on. Contact your Workato Success Representative to enable this feature.
When the audit log streaming feature is enabled, Workato creates a JSON file for each job and event in your customer accounts and sends it to your provider of choice through the HTTP POST method.
# Audit log streaming
Audit log settings in the Admin console
Audit log streaming lets partners store audit events from all customer accounts and their admin accounts in a single destination with a one-time setup.
Audit events include:
- Job summaries
- Job details
- User activity (log-ins, team changes, asset creation, edits, and deletions)
# JSON file details
Workato creates a JSON file for each event. The file path and name have the following format.
user_id/jobs/recipe_id/date/formated_job_id/user_id-recipe_id-job_id-time_and_date-status.json
- User ID
- This unique ID correcsponds to an individual customer account.
- Recipe ID
- This unique ID corresponds to a specific recipe.
- Job ID
- This unique ID corresponds to a specific job.
- Formatted job ID
- The job ID expanded into a 21-digit number (left padded with 0s) and split into 3-character fragments separated by
/s. Example: Job ID 100 is formatted as000/000/000/000/000/000/100. - Date
- The date of the job. For example, May 21, 2018 is represented as
20180521. - Time and date
- The date and time of the job. For example, midnight at May 21, 2018 is represented as
20180521000000. - Status
- Job completion status. Example:
succeededorfailed.
Example:
5234/jobs/234/20180521/000/000/000/000/000/000/100/5234-234-100-20180521000000-succeeded.json
Customize the audit log JSON to different formats to suit your needs. For example, you may require a source application (for example, Workato) to process the event logs in the destination application automatically.
You can create the custom log message and include the audit log event in a specific JSON format in the Customize log message section. The is the placeholder that Workato uses to substitute the actual audit log event message in JSON format.
{
"source": "workato",
"environment": "staging",
"hostname": "workato_cloud",
"logEntries": {{log_message}}
}
Invalid JSON
If the JSON is invalid or does not contain the placeholder, Workato sends the default log message without customization.
# Identifying customers from JSON files
The JSON file includes the user_id and user_external_id parameters in the context block for all log files related to job details. These two IDs refer to the Workato customer ID and the partner-provided external ID for the customer.
Sample JSON from a job event
The JSON file includes the id and external_id parameters nested in the user and team for all log files related to user activity. The IDs in the team block refer to the customer account, while the IDs in the user block refer to the specific customer team member who performed the action.
Sample JSON from a user activity event
If the partner did not provide any external ID while creating the customer or customer team member, the external_id value is null.
# Set unique audit log destinations
Partners can provide audit log replication configuration on each customer individually. This setting is available on each customer account's settings page as long as the audit log replication setting is not configured in the partner's Admin console. Hence, if each customer requires a separate audit log destination, don't configure the master setting on the Admin console.