Audit Logs
Audit Logs provide a comprehensive record of all system activities, user actions, and data changes within DebtRecoup. This feature is essential for compliance, security monitoring, and troubleshooting.
Accessing Audit Logs
- Click the settings icon in the top navigation bar
- Select Company from the left sidebar
- Click on Audit Logs
Understanding Audit Entries
Each audit log entry contains:
- Timestamp: Exact date and time of the action (in system timezone)
- User: Who performed the action
- Action Type: Category of activity (Login, Update, Delete, etc.)
- Resource: What was affected (Account, User, Payment, etc.)
- Details: Specific information about the change
- IP Address: Origin of the action
- Result: Success or failure status
Types of Audited Activities
User Activities
- Login attempts (successful and failed)
- Logout events
- Password changes
- Permission modifications
- Session timeouts
Account Management
- Account creation
- Status changes
- Assignment transfers
- Information updates
- Account closures
Financial Transactions
- Payment processing
- Payment plan creation
- Refunds and reversals
- Fee adjustments
- Commission calculations
System Configuration
- Settings changes
- Template modifications
- User role updates
- Portfolio assignments
- Integration configurations
Data Access
- Report generation
- Data exports
- Account searches
- Bulk operations
- API access
Searching and Filtering
Quick Filters
Use the filter bar to narrow results:
- Date Range: Select start and end dates
- User: Filter by specific user or role
- Action Type: Choose specific activities
- Resource: Focus on particular data types
- Result: Show only successes or failures
Advanced Search
For complex queries:
- Click Advanced Search
- Combine multiple criteria:
- User name contains
- IP address range
- Specific account numbers
- Custom field values
- Time of day patterns
Search Examples
Find all failed login attempts:
Action: Login
Result: Failed
Date: Last 30 daysTrack account status changes:
Resource: Account
Action: Status Change
User: [Select collector]Monitor payment reversals:
Action: Payment Reversal
Date: Current month
Result: SuccessAudit Log Details
Viewing Full Details
Click any log entry to see:
- Before Values: State before the change
- After Values: State after the change
- User Agent: Browser and device information
- Session ID: Links related activities
- Request ID: For API tracking
- Additional Context: Any relevant metadata
Change Tracking
For data modifications, the system shows:
Field: Phone Number
Before: (555) 123-4567
After: (555) 987-6543
Changed by: jsmith@company.com
Reason: Updated per debtor requestCompliance Features
Retention Policies
- Standard Logs: Retained for 7 years
- Financial Logs: Retained for 10 years
- Security Logs: Permanent retention
- Archived Logs: Moved to cold storage after 1 year
Regulatory Compliance
Audit logs support compliance with:
- FDCPA: Track all debtor communications
- TCPA: Monitor calling activities
- GLBA: Secure data access logging
- SOX: Financial transaction trails
- HIPAA: Protected information access
Immutability
Important
Audit logs cannot be edited or deleted. This ensures data integrity for compliance purposes.
Reporting and Exports
Standard Reports
User Activity Report
- Login patterns
- Actions per user
- Permission usage
- Suspicious activities
Security Report
- Failed access attempts
- Permission changes
- Data exports
- API usage
Compliance Report
- Communication logs
- Payment activities
- Data access patterns
- System changes
Exporting Logs
To export audit data:
- Apply desired filters
- Click Export button
- Choose format:
- CSV for analysis
- PDF for documentation
- JSON for integration
- Select fields to include
- Download securely
Monitoring and Alerts
Real-time Monitoring
Set up alerts for:
- Multiple failed login attempts
- Unusual access patterns
- High-value transactions
- After-hours activities
- Bulk data operations
Alert Configuration
- Navigate to Alert Settings
- Create new alert rule:
- Define trigger conditions
- Set threshold values
- Choose notification method
- Select recipients
Example Alert Rules
Security Alert:
IF failed_login_count > 5
AND time_period = 10 minutes
THEN notify security_teamCompliance Alert:
IF action = "bulk_export"
AND record_count > 1000
THEN notify compliance_officerBest Practices
Regular Reviews
Daily Checks
- Failed login attempts
- High-value transactions
- System errors
Weekly Reviews
- User activity patterns
- Data access trends
- Permission changes
Monthly Audits
- Compliance reporting
- Security analysis
- Performance metrics
Investigation Procedures
When investigating an incident:
- Identify the timeframe of the incident
- Filter by relevant users or resources
- Export related logs for analysis
- Check related activities using session IDs
- Document findings for compliance
Security Considerations
- Limit audit log access to authorized personnel
- Regular review of who has audit log permissions
- Monitor exports of audit data
- Secure storage of exported logs
- Regular training on log analysis
Using Logs for Troubleshooting
Common Scenarios
User Cannot Access Account
- Search for user's recent activities
- Check for permission changes
- Verify portfolio assignments
- Look for system errors
Payment Discrepancy
- Find the payment transaction
- Review all related actions
- Check for modifications
- Verify calculation logs
Data Integrity Issue
- Identify affected records
- Find all modifications
- Track change history
- Determine root cause
Integration with Other Systems
SIEM Integration
- Real-time log streaming
- Standardized format (CEF/LEEF)
- Automated threat detection
- Correlation with other systems
Compliance Platforms
- Automated report generation
- Evidence collection
- Audit trail preservation
- Regulatory submissions
Related Documentation
- User Management - Managing user permissions
- Company Settings - System configuration
- User Management - User security settings
- Reports Overview - System reporting capabilities