Can someone confirm the best way to find out who removed a member from a team, d

An alternative or complement to the Audit Logging suggestion would be:

0. Stop the environment completely
1. Create a copy of /server/_conf/logging/log.properties in the same location and name it log_db_PE.properties
2. Edit your log_db_PE.properties and update line 45 to set this logger to DEBUG

configure.a.pf.te=DEBUG, PERFORMANCE

3. Add this to line to any location (e.g. line 20) to your ear|runtime_ear/suite.ear/resources/appian_log4j.properties

log4j.logger.com.appiancorp.ag.GroupServiceJavaImpl=INFO

4. Start the environment

Here's how this will let you do an audit. Let me explain with an example:

1. eduardo.admin adds two users (via People tab or Process, doesn't matter) called eduardo.ldap and UPPERCASE to a group

The db_PE*.log will show

2014-02-28 00:07:38 [PE1] {ag29.kdb 12} (Default) INFO .a.pf.te "eduardo.admin" "2.000027" "addMemberUsers"

and the application-server.log will show:

2014-02-28 00:07:37,101 [default-threads - 11] INFO com.appiancorp.ag.GroupServiceJavaImpl - Removed eduardo.ldap from the group membership cache
2014-02-28 00:07:37,111 [default-threads - 11] INFO com.appiancorp.ag.GroupServiceJavaImpl - Removed UPPERCASE from the group membership cache


Notice how we can correlate these entries to know who added a user to a group but we can't determine to what group. Also notice that the phrase"removed" from the group membership cache" doesn't mean a group removal, it just means a change in the group membership for this user, it can be an addition or removal so we definitely need to correlate with the corresponding entry in db_PE to know whether it was a removal or addition

2. eduardo.admin removes two users (via People tab or Process, doesn't matter) called eduardo.ldap and UPPERCASE from a group

The db_PE*.log will show

2014-02-28 00:07:37 [PE1] {ag29.kdb 11} (Default) INFO .a.pf.te "eduardo.admin" "0.9999349" "removeMemberUsers"

and the application-server.log will show:

2014-02-28 00:07:36,288 [default-threads - 13] INFO com.appiancorp.ag.GroupServiceJavaImpl - Removed eduardo.ldap from the group membership cache
2014-02-28 00:07:36,292 [default-threads - 13] INFO com.appiancorp.ag.GroupServiceJavaImpl - Removed UPPERCASE from the group membership cache

Notice how we can correlate these entries to know who removed a user from a group but we can't determine from what group. Also notice that the phrase"removed" from the group membership cache" doesn't mean a group removal, it just means a change in the group membership for this user, it can be an addition or removal so we definitely need to correlate with the corresponding entry in db_PE to know whether it was a removal or addition

Hello Eduardo, this a very old post. I was wondering if there is a better way to accomplish this today?

I came across an App in the Appian Market, May be this might help.

community.appian.com/.../user-audit-application

Hi,

May be this plug in also suits for your requirement, please check once.

forum.appian.com/.../summary

forum.appian.com/.../summary

Hi,

May be this plug in also suits for your requirement, please check once.

forum.appian.com/.../summary

forum.appian.com/.../summary