Service Automation: Auditing
An important part of Service Automation is recording every action you perform. This is especially true for a module like Service Automation in Tools4ever’s HelloID Identity and Access Management (IAM) solution, where initiated actions are often exceptions to policies or are performed manually. This ensures a complete log file, so you are fully prepared for audits and can pass them without issues.
Not every application logs all actions you perform by default. The Service Automation module does, and therefore provides deep insight. HelloID records all actions that start from so-called products or Delegated forms in a log file. This also applies to any approval workflows.
HelloID records various data in log files. Examples include:
What happened?
When did it happen?
Who was involved in the action?
Where was the action performed?
From where was the action initiated?
Working with comprehensive logging provides significant benefits. You can always trace in detail which actions were performed and why. This information makes it easy to create required reports, and it also enables you to provide insight into executed actions during audits when needed.
The information is available in two locations within Tools4ever’s IAM solution. All stakeholders involved in a request can view detailed information in the HelloID Service Automation user interface. This includes workflows, the status of requests, and product statuses.
The results of actions from products and Delegated forms are also visible through the HelloID Service Automation interface. We record this information in Elastic Reporting, which makes it possible to analyze it in more depth and provide overviews. We outline the capabilities of both options.
Viewing audit information in HelloID Service Automation
HelloID provides access to a wide range of audit and logging information through its user interface. This covers information related to product requests and the review of such requests.
In this way, the IAM solution provides employees, managers, and product owners with insight into approval workflows, the status of those workflows, and their outcomes. This is useful because all parties involved can immediately see where a request is in the workflow, and what actions are required to complete it. HelloID provides transparency and simultaneously creates an audit trail for every request.
Administrators can also view information based on a specific request and or product. They gain insight into ongoing requests, and can intervene manually if needed to keep a request on track. A request can stall in the approval process due to unforeseen circumstances. Examples include the approver leaving the organization, or changes in the process after a product request has been submitted. HelloID also records all actions administrators perform to keep requests on track in a log file.
The HelloID Service Automation module’s user interface therefore provides extensive insight into detailed information about all historical requests for specific products, including approvals and rejections. Log files also provide information about actions performed per product or Delegated form.
Access through Elastic Reporting
Do you want a complete overview of all actions performed, regardless of related processes? HelloID provides this overview using Elastic Reporting, which allows you to review the full audit logging. It is an external tool in which the IAM solution collects logging information.
Elastic Reporting can also present all collected audit information in a clear way. You can use a set of predefined reports. If these do not fully meet your needs, you can create custom reports or other overviews to provide specific insights.
The most important difference between Elastic Reporting and the insight that HelloID provides through its own interface is that Elastic Reporting also logs the output actions of Delegated forms and product requests. In contrast to the HelloID interface, Elastic Reporting also includes information related to all requests. This gives you visibility into all actions performed within HelloID Service Automation.
Collect all logging information centrally
In addition to the Service Automation module, the other HelloID modules also record all relevant logging information in Elastic Reporting. These include the Provisioning and Access Management modules, as well as the Governance module available from Q1 2025.
Do you also use other systems such as a central logging system, a Security Operations Center (SOC), or a Security Information and Event Management (SIEM) solution to collect information in log files? Elastic Reporting makes it possible to retrieve and import such external logging from other systems. You use the Elastic Reporting API for this.
Get started
Would you like to learn more about HelloID Service Automation? You can find more information about this module and its capabilities here. Do you have questions? Contact us!
The outline includes a note regarding a blog about Elastic. I cannot find this blog on your website. Does it already exist, and if so, is it online?