HelpServer provides an easy facility to verify the actions performed on the content over a period of time. The server can log all kinds of events taken by the users and the authors. The administrator or auditor then uses this log information to answer all kinds of questions related to the usage of the system. HelpServer distinguishes two kinds of event tracing methods.
Tracing content access
Use this method to find out what activity occurs on the content of a specific project. It is to answer the following kind of questions:
What is the authoring activity on the content?
Who is using the content of my project?
What are users searching for in this project?
Tracing user activity
This method is to keep an eye on a specific user or group of users. It is to answer questions such as:
What actions did an author perform on a specific content object?
Who has entered the system and for how long?
Actually you could use both methods to answer any kind of question. HelpServer distinguishes these two methods to facilitate the analysis of the auditing. If the content is the subject of your auditing then you'd better use the method 'Tracing content access' and if you want to spy some user you use the 'Tracing user activity' method. You can even combine the two methods.
The main goal of the HelpServer auditing system is to get an appropriate answer to each of these questions without having to perform a complex post processing on the logged event information.
HelpServer’s auditing mechanism is based on two objects: the auditing rule and the auditing source.
The auditing rule
An auditing rule is the tool to answer the auditing questions as easy as possible. An auditing rule indicates the events of interest and optionally the period of the logging activity and the target users or user groups.
The auditing source
As with the notification source the auditing source indicates a collection of related content objects such as a book with chapters and topics, a documentation project, a help project, a ‘Customers’ folder, or a ‘Products’ folder. The auditing source holds the collection of related event logs. Without an auditing source the event logs would be a massive amount of unstructured data.