Audit

Apart from standard application logs, the system offers two types of logging:

1. Audit Log
2. Signature Audit

Audit Log

The solution components log data in a special database table.

Components, Audit Types and Action Types

The table describes the components that produce audit logs and the types of audit and specific actions related to them.

Component	Audit type	Action type
Enrollment Server	activation	Initialization
PowerAuth Server	activation	Created
		Approved
		State changed to PENDING_COMMIT or ACTIVE or BLOCKED
		Removed
	authentication	Validation successful
		Validation failed
	operation	Created
		Approved
		Approval failed
		Rejected
		Reject Failed
		Operation failed
		Approval via server call failed
		Operation via server call failed
		Canceled via server call
	fido2	Stored authenticator
		Assertion result
	signature	Validation successful
		Validation failed

Stored data

The system stores additional data, including error details (if available) and information about the system environment.

REST API

The system offers a REST API that allows you to list all the actions for a given user ID within a selected time range.

Signature Audit

We have one extra database table “Signature Audit” that stores records with values used for attempts for the signature validation.

Signature Types

Each record contains information about the signature type, indicating which authentication factors were used during the signature validation attempt.

We support following signature types:

• POSSESSION
• POSSESSION_BIOMETRY
• POSSESSION_KNOWLEDGE
• POSSESSION_KNOWLEDGE_BIOMETRY

Stored data

The system stores additional data alongside the signature itself, such as related activation and signature metadata and body, including all parameters that were part of the signature.