Hello,
We experienced an issue where an application deployed to the production environment did not work correctly.
After investigation, we found that the process failed because a required user group was missing. We further checked deletion.log and found that the deployment service account appears to have deleted the group.Log excerpt: 2026-05-29 10:18:57,597 [http-nio-8080-exec-28] INFO com.appiancorp.common.logging.DeleteLogger - Successful deletion of objects: id=3126; types=group; names=["xxxx"]; deleted by user=[xxxx].
deletion.log
However, we could not find any deployment record corresponding to this timestamp.
My question is:Is there a way to trace the actual operation performed by the deployment user account, even if there is no deployment record at that time?
Any guidance would be appreciated.
Thank you.
Discussion posts and replies are publicly visible
Deletions are done manually or via a process/rule (using Delete Group smart service), its is not feasible to delete a group as part of deployments. So check in your team whoever has the credentials for deployment user - most likely someone deleted this group from Appian Designer.
Apart from deletion.log you can check the design_objects.csv as well for details but apart from timestamp and who did what action, which you already know - I am afraid you wont be able to get more information further. I would suggest check with your team internally about this.
Hello Harsha,
Thank you for your response.
I’d like to add one clarification: in my previous post, I did not explicitly mention that the user account shown in the log was our deployment account. Because of that, the situation may not have been fully clear.
To restate the issue more precisely:
The problem is that we could not find any deployment record at that timestamp.
My question is:What is the recommended way to investigate whether someone manually deleted the group using the deployment account?
For example:
design_objects.csv
Any guidance would be greatly appreciated.
A deployment does never delete an object.
The deployment account should not be allowed to log in to the Appian UI.
There is a log file that logs all user authentications.
Hello Stefan,
Thank you for the clarification.
We understand the following points:
Based on this, we believe there is still a possibility that the group was deleted by a smart service or process model rather than by deployment or UI login.
We do have a function that maintains group information based on organization data, so that function could be related in general. However, to avoid any misunderstanding, the deleted group was not one of the groups targeted by that maintenance program.
Also, we could not find any evidence in the process model logs that the relevant service account executed a process at the time of deletion.
Could you please advise what information we should check next to investigate this further?
必要であれば次に、
のどれかに整えます。
必要なら、この内容をさらに短くして投稿しやすい形にします。
Did you try to search for process models using the "Delete Group" smart service?