More details in Activity Log
Hi,
I've meantioned this before in a thread but I'm hoping I can bring more attention to this.
Currently Activity Log is lacking details of activity. For example, when a user creates/updates an item it show the date, user, ip, but doesn't show what item been changed. So the activity log is in my optioning worthless.
The activity column shows for example:
Firstname Lastname updated items in a vault
I want to be able to see what item has been changed. Using the CLI I am able to get more information from the activity log that shows an objectUuid. Would that be the item? And if so how to get that via the CLI?
This should be made visible at least in Activity Log in the webpage. Also the app should show who has created or changed an item.
Next to that Activity Log should show who accessed/used the item so we can see which user has used the credentials.
With a large team this become more and more important.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Comments
-
Hi @martinvandiemen,
The Activity Log available with 1Password Business primarily exists for tracking vault-level and higher activities in your 1Password account. For example, this covers actions like vaults being created and renamed, people being added to or removed from the account, etc. To track specific item-level usage within a vault, usage reports will be more helpful:
Item usage is reported any time a user:
- Copies, fills, or reveals a password
- Exports, prints, or shares an item
- Edits an item
- Downloads a Document item
- Views an item on 1Password.com
- Accesses an item using the command-line tool
Upon creating a usage report you can click on any of the listed items to learn more about them, as well as view the
Item Historysection of each item to see who made recent changes. More on that here.That said, we have previously received feedback asking us to increase the details shown in the Activity Log, so I'll go ahead and file this in our internal system for tracking purposes.
ref: internal/business-roadmap#117
Using the CLI I am able to get more information from the activity log that shows an objectUuid. Would that be the item? And if so how to get that via the CLI?
For these questions concerning the 1Password command-line tool, I want to involve our integrations specialists, who won't return until Monday. I'll update you via this thread when I hear back from them. :+1:
0 -
@ag_max thank you for your explanation on how I should use repoting to get more details. But still the Usage Report is very limited. It would be good to see the reason why the item was used (copied, revealed, export, etc.).
Maybe combining the two and showing more details would really help.
Thanks for adding this to the roadmap.
0 -
Thanks again for the feedback on this. I'll follow up with Max and see if anything further has been discovered about the UUID returned by the CLI.
Ben
0 -
Just heard back from our integrations team, @martinvandiemen.
They confirmed that using the
op list eventscommand doesn't provide any additional information when compared to the Activity Log on 1Password.com. Additionally, theobjectUuidreturned is the vault UUID the event took place in, not the item that was edited/deleted.0 -
Looking for more details as well!
The same goes for the activity log on a specific user, I can see "fhbc has updated items in a vault" when I go to "fhbc" 's profile, but that still sends me on a wild goose chase to figure out which vault it was before I can start creating a usage report for that specific vault.It would be very convenient if the activity logs could be more verbose for members of the security team.
0
