Skip to main content
Skip table of contents

Seeq Audit Trail

Seeq has audit trail capabilities to support cGMP customers with Title 21 CFR Part 11 compliance. When this functionality is enabled and an appropriate license is in place, Seeq logs changes to items so that a cGMP user can determine whether items in Seeq have been changed, the user that made the changes, and the timestamp of the changes.

Scope of Audit Trail

Each time a change is made to an item, Seeq creates an entry in the audit database recording the change. Each audit entry contains the before and after state of any of the item’s propertiesrelationships, and access control entries that were changed, along with the date/time of the change and the user who made the change. See the querying section below for an example. If an item or one of its aforementioned members is created or deleted, then the before or after state is left blank, respectively. Each audit entry also includes a list of dependent items so that a query to determine whether an item has changed will also return changes to any dependencies that may affect its output.

Seeq Data types under Audit

  • Assets

  • Signals (includes calculated signals, a.k.a formulas)

  • Conditions

  • Scalars

  • Scorecard (threshold) metrics

  • Histograms

  • Users

  • User groups

  • Formula Packages

  • User Defined Formula Functions

  • Formula Docs

Exclusions

Changes made to individual Workbench Analysis and Organizer Topics are not included in the scope of the Audit Trail. Journal entry, worksheet displays, content, date ranges, comments, exports, and overall Analysis or Topic access controls are not presently recorded in the Audit Trail.

Access control changes made to an analysis will be reflected on each individual calculated item that is scoped to that workbook.

Enabling the Audit Trail

Note that a special license of Seeq is required to enable the audit trail capability. Please contact your Seeq Sales Executive or Account Manager for additional details.

To enable Audit Trail, contact Seeq support.

Querying the Audit Database

User Interface

Either Administrators or Everyone can access the Audit Trail in the UI, pending on the configuration. Those who have access will find it via the hamburger menu in the upper right corner.

The Audit Trail Query page will display audit entries as determined by the filters at the top of the page. While no filters are required, Start and End Date filters default of the last hour when opened to display the most recent changes. Users can change query parameters to further filter the results as needed. 

Filtering Options

Date Filter - Limit results to changes made between the two date/times entered.

Items filter - Limit results to one or more items. Items can be entered by ID (type/paste item ID) to add to the filter by selecting the Enter ID link above the Items display field. Alternatively, click the Navigate link to navigate via folder hierarchy to a workbook to select one or more worksheets in that workbook and get a list of all items used (currently displayed, used in displayed calculations, or displayed or used in any Journal links). In R54.0.0 and later, Organizer Topic Documents will also be discovered via the navigation option.

Item Types - Limit results to one or more types of items. This dropdown includes all the Item types currently audited (see Scope of Audit above). Select all makes it easy to exclude some options.
Change type - Limit results to one or more types of changes. Options available are CREATE (when formula, user group, or other item is first created) , UPDATE (any changes to items such as changes to formula, units of measure, access control, or other properties) , and DELETE (when item is archived).
Username Filter - lets a user filter entries by specific Seeq users. Type in user name or email to search and select multiple Seeq users. Hovering over Item ID and user ID values reveals full values. 
Copy buttons next to the Item ID and user ID values copy the full values.”

API Endpoint

An audit API endpoint is available to Seeq admin users via Seeq APIs and SDKs. The API endpoint GET/audit includes the ability to query by several criteria:

  • start time

  • end time

  • user ID(s)

  • item ID(s)

  • item type

  • change type (CREATE/UPDATE/DELETE)

Each change will appear in the audit database similar to the line below representative of changing a Value Search threshold from 30 to 25.

Timestamp

Changed by

Change type

Change Summary

Before

After

Feb 28, 2024 1:48 PM

user@seeq.com

51901fd7-7d90-4fca-b208-087f52ca83aa

UPDATE

Condition

Formula 1

0eed6744-bdcd-ec60-bed7-6abb0584ae61

Formula

$t.validValues().valueSearch(isGreaterThan(30))

Formula

$t.validValues().valueSearch(isGreaterThan(20))

The API endpoint can also be queried using Seeq Data Lab for Seeq admin users. Please contact your Seeq Analytics Engineer if you would like some examples of querying the audit trail via Seeq Data Lab.

Security

Audit records are stored in the internal Seeq database and are therefore included in any backups of the Seeq data folder.

Access to the data folder is restricted according to the Seeq Master Trust Policy.

Changes to Connector configurations now appear in the Audit Trail. These entries will be visible to all users who can access Audit Trail.

Do not store secrets in Connector configurations!

We strongly suggest reading Storing Datasource Configuration Secrets and moving the secret information outside of the configuration.

If you store a secret in the configuration, it will appear in Audit Trail like so:

{  "ClientSecret": "plaintext secret"}

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close