TGM Manager provides comprehensive audit trail capabilities for compliance tracking, security monitoring, and regulatory reporting.

Overview

The compliance audit system provides:

  • Complete Audit Trails - Track all changes to entities
  • User Activity Monitoring - Monitor user actions across the system
  • Security Event Logging - Track authentication and security events
  • Compliance Reporting - Generate reports for regulatory requirements
  • Data Retention Tracking - Monitor data retention compliance

REST API

Audit Trail Queries

Get Entity Audit Trail

Get the complete audit history for a specific entity.

GET /compliance/audit/entity/{entityType}/{entityId}

Example:

GET /compliance/audit/entity/WorkOrder/123

Response:

{
  "data": [
    {
      "id": 1001,
      "action": "CREATE",
      "entityType": "WorkOrder",
      "entityId": 123,
      "userId": 5,
      "username": "john.doe",
      "timestamp": "2024-01-15T10:30:00",
      "ipAddress": "192.168.1.100",
      "message": "Created work order: Pump P-101 Maintenance",
      "changes": {
        "status": { "old": null, "new": "OPEN" }
      }
    },
    {
      "id": 1002,
      "action": "UPDATE",
      "entityType": "WorkOrder",
      "entityId": 123,
      "userId": 8,
      "username": "jane.smith",
      "timestamp": "2024-01-15T14:22:00",
      "message": "Updated work order status",
      "changes": {
        "status": { "old": "OPEN", "new": "IN_PROGRESS" }
      }
    }
  ]
}

Required Role: ADMIN or MANAGER

Get User Audit Trail

Get all actions performed by a specific user.

GET /compliance/audit/user/{userId}?page=0&size=50

Required Role: ADMIN or MANAGER

Get Entity Type Audit Trail

Get audit trail for all entities of a specific type.

GET /compliance/audit/entity-type/{entityType}?page=0&size=50

Example:

GET /compliance/audit/entity-type/Inspection?page=0&size=50

Required Role: ADMIN or MANAGER

Get Action Audit Trail

Get audit trail filtered by action type.

GET /compliance/audit/action/{action}?page=0&size=50

Actions: CREATE, UPDATE, DELETE, LOGIN, LOGOUT, ACCESS, EXPORT

Required Role: ADMIN or MANAGER

Get Time Range Audit Trail

Get audit trail within a specific time period.

GET /compliance/audit/time-range?startDate=2024-01-01&endDate=2024-01-31&page=0&size=50

Parameters:

Parameter   Type     Required   Description
startDate   date     Yes        Start date (ISO format)
endDate     date     Yes        End date (ISO format)
page        integer  No         Page number (default: 0)
size        integer  No         Page size (default: 50)

Required Role: ADMIN or MANAGER

Get Security Audit Trail

Get authentication and security-related events.

GET /compliance/audit/security?page=0&size=50

Response includes:

  • Login attempts (success and failure)
  • Password changes
  • Permission changes
  • Role assignments
  • Two-factor authentication events

Required Role: ADMIN

Get Error Audit Trail

Get error events for troubleshooting.

GET /compliance/audit/errors?page=0&size=50

Required Role: ADMIN or MANAGER

Search Audit Trail

Search audit trail by message content.

GET /compliance/audit/search?query=pump&page=0&size=50

Required Role: ADMIN or MANAGER

Get IP Address Audit Trail

Get all actions from a specific IP address.

GET /compliance/audit/ip/{ipAddress}?page=0&size=50

Example:

GET /compliance/audit/ip/192.168.1.100?page=0&size=50

Required Role: ADMIN

Compliance Reports

Compliance Summary Report

Generate a comprehensive compliance summary for a time period.

GET /compliance/audit/report/compliance-summary?startDate=2024-01-01&endDate=2024-01-31

Response:

{
  "data": {
    "period": {
      "startDate": "2024-01-01",
      "endDate": "2024-01-31"
    },
    "totalEvents": 15420,
    "eventsByAction": {
      "CREATE": 3500,
      "UPDATE": 8200,
      "DELETE": 420,
      "LOGIN": 2100,
      "EXPORT": 1200
    },
    "eventsByEntityType": {
      "WorkOrder": 4500,
      "Inspection": 3200,
      "Intervention": 2800,
      "User": 1500
    },
    "uniqueUsers": 45,
    "uniqueIpAddresses": 28,
    "securityEvents": {
      "failedLogins": 23,
      "passwordChanges": 12,
      "roleChanges": 5
    },
    "dataChanges": {
      "created": 3500,
      "modified": 8200,
      "deleted": 420
    }
  }
}

Required Role: ADMIN

User Activity Report

Generate a detailed activity report for a specific user.

GET /compliance/audit/report/user-activity/{userId}?startDate=2024-01-01&endDate=2024-01-31

Response:

{
  "data": {
    "userId": 5,
    "username": "john.doe",
    "period": {
      "startDate": "2024-01-01",
      "endDate": "2024-01-31"
    },
    "totalActions": 342,
    "actionsByType": {
      "CREATE": 85,
      "UPDATE": 210,
      "DELETE": 12,
      "EXPORT": 35
    },
    "entitiesAccessed": {
      "WorkOrder": 120,
      "Inspection": 95,
      "Component": 67
    },
    "loginSessions": 22,
    "avgSessionDurationMinutes": 185,
    "ipAddresses": ["192.168.1.100", "10.0.0.50"],
    "lastActivity": "2024-01-31T17:45:00"
  }
}

Required Role: ADMIN

Entity Access Report

Generate an access history report for a specific entity.

GET /compliance/audit/report/entity-access/{entityType}/{entityId}

Response:

{
  "data": {
    "entityType": "WorkOrder",
    "entityId": 123,
    "createdAt": "2024-01-10T08:00:00",
    "createdBy": "john.doe",
    "lastModified": "2024-01-25T14:30:00",
    "lastModifiedBy": "jane.smith",
    "totalAccessCount": 45,
    "uniqueUsersAccessed": 8,
    "accessByUser": [
      { "username": "john.doe", "accessCount": 15, "lastAccess": "2024-01-25T10:00:00" },
      { "username": "jane.smith", "accessCount": 12, "lastAccess": "2024-01-25T14:30:00" }
    ],
    "changeHistory": [
      {
        "timestamp": "2024-01-15T10:30:00",
        "user": "john.doe",
        "action": "UPDATE",
        "field": "status",
        "oldValue": "OPEN",
        "newValue": "IN_PROGRESS"
      }
    ]
  }
}

Required Role: ADMIN or MANAGER

Data Retention Report

Generate a report on data retention compliance.

GET /compliance/audit/report/retention

Response:

{
  "data": {
    "generatedAt": "2024-01-31T12:00:00",
    "retentionPolicies": [
      {
        "entityType": "AuditLog",
        "retentionDays": 365,
        "oldestRecord": "2023-02-01",
        "totalRecords": 150000,
        "recordsEligibleForDeletion": 0
      },
      {
        "entityType": "LoginHistory",
        "retentionDays": 90,
        "oldestRecord": "2023-11-01",
        "totalRecords": 25000,
        "recordsEligibleForDeletion": 5200
      }
    ],
    "storageUsage": {
      "auditLogs": "2.5 GB",
      "loginHistory": "450 MB",
      "total": "2.95 GB"
    },
    "complianceStatus": "COMPLIANT",
    "recommendations": [
      "Consider archiving audit logs older than 1 year",
      "5,200 login history records are eligible for deletion"
    ]
  }
}

Required Role: ADMIN

Usage Examples

Investigating User Activity

# Get the first 100 actions by user 5 (this endpoint is not date-filtered; use the report below for a period)
curl -X GET "http://localhost:1337/compliance/audit/user/5?page=0&size=100" \
  -H "Authorization: Bearer $JWT"

# Generate detailed user activity report
curl -X GET "http://localhost:1337/compliance/audit/report/user-activity/5?startDate=2024-01-01&endDate=2024-01-31" \
  -H "Authorization: Bearer $JWT"

Tracking Entity Changes

# Get complete history of a work order
curl -X GET "http://localhost:1337/compliance/audit/entity/WorkOrder/123" \
  -H "Authorization: Bearer $JWT"

# Get access report for sensitive equipment
curl -X GET "http://localhost:1337/compliance/audit/report/entity-access/Component/456" \
  -H "Authorization: Bearer $JWT"

Security Monitoring

# Check for failed login attempts
curl -X GET "http://localhost:1337/compliance/audit/security?page=0&size=100" \
  -H "Authorization: Bearer $JWT"

# Monitor access from a specific IP address
curl -X GET "http://localhost:1337/compliance/audit/ip/192.168.1.50" \
  -H "Authorization: Bearer $JWT"

Compliance Reporting

# Generate monthly compliance summary
curl -X GET "http://localhost:1337/compliance/audit/report/compliance-summary?startDate=2024-01-01&endDate=2024-01-31" \
  -H "Authorization: Bearer $JWT"

# Check data retention status
curl -X GET "http://localhost:1337/compliance/audit/report/retention" \
  -H "Authorization: Bearer $JWT"

Audit Log Structure

Each audit log entry contains:

Field        Description
id           Unique log identifier
action       Type of action performed
entityType   Type of entity affected
entityId     ID of the affected entity
userId       User who performed the action
username     Username for display
timestamp    When the action occurred
ipAddress    Source IP address
userAgent    Browser/client user agent
message      Human-readable description
changes      JSON object with field changes
metadata     Additional context data
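Added example (not TGM Manager code): the kind of alerting logic the Security Monitoring calls above feed, run over a constructed page of /compliance/audit/security entries shaped like the Audit Log Structure table. It assumes a failed login is marked by metadata.outcome = "FAILURE" and a role grant shows up as a changes.role entry on a User entity; the page documents neither encoding.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample page of /compliance/audit/security entries; field names follow the
# Audit Log Structure table. metadata.outcome and changes.role are assumed encodings.
SAMPLE_RESPONSE = {"data": [
    {"id": 1, "action": "LOGIN", "username": "john.doe", "ipAddress": "10.0.0.9",
     "timestamp": "2024-01-15T09:00:00", "metadata": {"outcome": "FAILURE"}},
    {"id": 2, "action": "LOGIN", "username": "john.doe", "ipAddress": "10.0.0.9",
     "timestamp": "2024-01-15T09:01:00", "metadata": {"outcome": "FAILURE"}},
    {"id": 3, "action": "LOGIN", "username": "jane.smith", "ipAddress": "10.0.0.9",
     "timestamp": "2024-01-15T09:02:00", "metadata": {"outcome": "FAILURE"}},
    {"id": 4, "action": "LOGIN", "username": "jane.smith", "ipAddress": "192.168.1.100",
     "timestamp": "2024-01-15T09:30:00", "metadata": {"outcome": "SUCCESS"}},
    {"id": 5, "action": "UPDATE", "entityType": "User", "entityId": 8, "username": "admin",
     "ipAddress": "192.168.1.100", "timestamp": "2024-01-15T10:00:00",
     "message": "Role assigned", "changes": {"role": {"old": "USER", "new": "ADMIN"}}},
]}

def failed_login_bursts(entries, threshold=3, window=timedelta(minutes=10)):
    """Map source IP -> largest run of failed LOGINs inside `window`, for IPs
    that reach `threshold`. A sliding window over sorted timestamps keeps it linear."""
    by_ip = defaultdict(list)
    for e in entries:
        outcome = (e.get("metadata") or {}).get("outcome")
        if e.get("action") == "LOGIN" and outcome == "FAILURE":
            by_ip[e["ipAddress"]].append(datetime.fromisoformat(e["timestamp"]))
    hits = {}
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1          # drop failures that fell out of the window
            run = end - start + 1
            if run >= threshold:
                hits[ip] = max(hits.get(ip, 0), run)
    return hits

def admin_role_grants(entries):
    """Return (actor, target user id, old role) for User changes that set role to ADMIN."""
    grants = []
    for e in entries:
        role = (e.get("changes") or {}).get("role")
        if e.get("entityType") == "User" and role and role.get("new") == "ADMIN":
            grants.append((e["username"], e["entityId"], role.get("old")))
    return grants
```

Feeding real pages from the security endpoint (walked with page and size) into these two functions gives a starting point for the alerts recommended under Best Practices.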

Best Practices

  1. Regular Review - Review audit logs regularly for anomalies
  2. Security Alerts - Set up alerts for suspicious activities
  3. Retention Policies - Define and follow data retention policies
  4. Access Control - Limit audit log access to authorized personnel
  5. Export for Compliance - Export reports for regulatory submissions
  6. Integration - Consider integrating with SIEM systems

Compliance Standards

The audit system supports requirements for:

  • ISO 27001 - Information security management
  • SOC 2 - Service organization controls
  • GDPR - Data protection regulation
  • HIPAA - Healthcare information security
  • FDA 21 CFR Part 11 - Electronic records compliance