Audit Log based Reports in Zoom

How do I enable Audit Log Mining and Reporting in Zoom?

Before enabling audit log reporting in Zoom Wed Administration console, we need to make sure that the Curator search indexing is enabled.

Setup Curator

1. Open the Web Management Console for your Zoom MAM Server. Usually, the URL is http://[YourZoomServer]:8443
2. Locate the Curator Node under the System node in the Admin Menu sidebar.
3. Open Curator Dashboard from the Curator node.

   

4. If the dashboard shows data for index statuses on top and indexed assets in the list below, then Curator is enabled in your Zoom setup.
   If the Curator Dashboard has no data, then you should first enable Curator. Follow this post to enable the Curator in your Zoom setup.
5. Proceed to the next section.

Enable Audit Log Indexing

1. In the Web Management Console, open Server Control Panel from the System node in the Admin Menu sidebar.

   

2. Open Curator-based Search Management.

3. In the Curator configuration window, select the Audit log Index checkbox.
4. Audit log Indexing is now enabled. These logs are created with the default settings and saved in [ZoomInstallDir]/logs.

   

Audit Log Analytics Dashboard 

Once audit logs have been indexed by the Zoom Curator service, you are ready to perform queries using the  Filter Panel on the left. For example to view all the download or checkout activity in the system, enter ‘CHECKOUT’ in the command Name to locate all the records related to checkout:

To see individual files in a record such as a checkout record, click on the row to view the details for a record. For instance one of the rows above leads us to:

The ‘Fuid List’ contains the list of Asset IDs associated with the record. Once you have the asset ID you can query the Asset Browser to get the exact path.

The Filter Panel supports the following criteria:

1. Sorting & ordering records based on several parameters:

   

2. Narrowing based on date range the activity records:

   

3. Refining the records based on several criteria:

   

   Most of the above fields will have facets created based on possible values, just click on ‘Show More’ to expand the facets attached to each filter or type in the string. For example type ‘CHECKOUT’ in the Command Name to quickly narrow the records to download or checkout.

   

   To narrow down the view by a specific user:

   

4. Reset the filters  – Click Reset All to clear out all the filters: