Auditing and Logging in K2 Five
KB003293
PRODUCT
Introduction
K2 Five provide logging and auditing features that enable administrators to monitor and troubleshoot the K2 environment, and that enable authorized users to report on audited activities in K2 and in K2 applications. This article lists the available logging and auditing features and links to supporting documentation that describes the features.
Logging
Logging features of K2 are separated into installation logging and runtime logging. Installation logging starts automatically when the K2 Setup Manager begins installing K2. Runtime logging occurs when the K2 environment is operational, is configurable and (except for K2 host server logging) can be enabled or disabled.
See the relevant topics in the K2 Five Installation Guide for details on configuring and reading logs in K2.
| Log type | Automatically enabled? | Configurable? | Notes |
|---|---|---|---|
Installation Logging | |||
| Installation logging (K2 Five ) | Yes | No | Automatically starts when the setup manager launches. Used to troubleshoot and track installation of K2. |
Runtime Logging | |||
| K2 Host Server Console Mode (K2 Five) | No | Yes | Run K2 Host Server in console mode to see real-time activity in K2 Host Server. This is useful when troubleshooting performance issues, authentication issues and issues when K2 service fails to start. To start K2 in console mode, stop the K2 Windows Service and then launch console mode with the K2 Server (Service Account) shortcut on the Start Menu. Start the K2 Console in the context of the K2 Service Account to preserve the same credentials that are used when the K2 service runs as a windows service. This will help to prevent false issues, since the user context is the same for both Console and Service modes. |
| K2 Host Server logging (K2 Five) | Yes | Yes | Automatically starts when the K2 service starts and outputs different levels of logging information to different target locations. Enable and configure logging on the K2 application server to output different levels of logging information to different target locations. Level of logging and active log locations are determined by the settings in the logging configuration file at %PROGRAMFILES%K2Host ServerBinHostServerLogging.config For all environments it is recommended to enable "Error" level debugging to the windows event log so that any runtime errors are easily identifiable. |
| SmartObject Server logging (K2 Five) | No | Yes | Outputs logging information about runtime execution of SmartObjects. To set up runtime logging for SmartObjects, edit the file K2HostServer.exe.Config file located in %PROGRAMFILES%K2Host ServerBin. Then configure the section for the log files you want to output. |
| Active Directory User Manager message logging (K2 Five) | No | Yes | K2 outputs logging information specific to the Active Directory User Manager in logfiles located at %PROGRAMFILES%K2Host ServerBinAdumErrorEDate]_aIncrement].log. Configure the level of logging output by editing the RoleInit column for the K2 Security Label in the HostServer.SecurityLabel database table. |
| K2 Workflow REST API and the OData API (K2 Five) | No | Yes | You can enable logging for the K2 Workflow REST API and the OData API to troubleshoot issues you may have when using either API. |
| K2 Runtime Web.config file log settings (K2 Five) | No | Yes | This logging output is typically used to debug K2 SmartForms. The configuration file is located by default at web.config file typically found at: %PROGRAMFILES%K2K2 smartforms RuntimeWeb.config |
| K2 Workspace for Android System logs | Yes | No | Event logs for the K2 Workspace app for iOS and Android are available in each app. Logging starts when the mobile application launches. |
| K2 PDF Converter Service | No | Yes | Typically used to troubleshoot the K2 PDF Converter Service. See PDF Converter Logging and Debugging the PDF Converter. |
Other logging | |||
| Windows Event Log | Yes* | Yes* | The windows event log can expose logging information regarding network connections, authentication issues, underlying O/S issues and more. *You can configure the Host Server Logging file to output information to the Windows Event log (enable the in the host server logging configuration file at %PROGRAMFILES%K2Host ServerBinHostServerLogging.config) to output log information to the Windows Event Log. |
| IIS Logging | Yes | Yes | When troubleshooting K2 web services and K2 websites, some useful information may be found in IIS logfiles. See the IIS documentation for more on configuring and reading IIS logfiles. |
| SQL Logging | No | Yes | SQL logging may contain useful troubleshooting information. These logs are available from the Windows Application log or in a directory like Program FilesMicrosoft SQL ServerMssql]Log. |
Auditing
Auditing in K2 allows inspection of audited events while applications are used. Some auditing features are enabled by default (such as workflow history and task auditing), while other settings are configurable (such as enabling audit for workflow variables). Auditing is typically used to validate that applications are used as expected, to create an audit trail of changes to applications, systems and data, and workflow participation.
| Audit type | Automatically enabled? | Configurable? | Notes |
|---|---|---|---|
| Workflow Instance History (K2 Five) | Yes | No | Use the Process Instance Detail report to review workflow instance history for both active (running) and completed workflows in your K2 environment. |
| User Task Actions (K2 Five) | Yes | No | Use the Activity Instance Detail report to review user task action history for both active (running) and completed workflows in your K2 environment. |
| Workflow Variables (K2 Five) | No | Yes | To record runtime changes to data fields used in your workflows, you must enable the audit feature at design time. |
| Workflow Deployment (K2 Five) | Yes | No | You can use version history in the K2 Management site to review the deployment history of a workflow. |
| Security auditing (K2 Five) | Yes | No | You can use the Security Audit SmartObject to review security changes in your environment. |
| Package and deployment auditing (K2 Five) | Yes | No | You can use the Deployment audit trail to review the history of deployed packages in a K2 environment. |
| License auditing (K2 Five) | Yes | No | Use the license audit report to see active and inactive K2 users |
| SmartObject auditing | No | Yes | You can manually implement auditing on a SmartObject, see the K2 Cloud - SmartObject Auditing video on YouTube for an example. |
