User operation log

The user operation log contains entries for many API operations and can be used for auditing purposes. It provides data on what kind of operations are performed as well as details on the changes involved in the operation. Operations are logged when the operation is performed in the context of a logged in user. To use the operation log, the process engine history level must be set to FULL.

Write log entries regardless of user authentication context

If it is desired that operations are logged regardless whether they are performed in the context of a logged in user or not, then the process engine configuration flag named restrictUserOperationLogToAuthenticatedUsers can be set to false.

Access the user operation log

The user operation log can be accessed via the Java API. The history service can be used to execute a UserOperationLogQuery by calling historyService.createUserOperationLogQuery().execute(). The query can be restricted with various filtering options. The query is also restref page="queryUserOperationEntries" text="exposed in the REST API" tag="Historic-User-Operation-Log.

User operation log entries

The log consists of operations and entries. An operation corresponds to one performed action and consists of multiple entries, at least one. Entries contain the detailed changes being part of the operation. When making a user operation log query, the returned entities are of type UserOperationLogEntry, corresponding to entries. All entries of one operation are linked by an operation id.

A user operation log entry has the following properties:

• Operation ID: A generated id that uniquely identifies a performed operation. Multiple log entries that are part of one operation reference the same operation ID.
• Operation Type: The name of the performed operation. Available operation types are listed in the interface org.operaton.bpm.engine.history.UserOperationLogEntry. Note that one operation can consist of multiple types, for example a cascading API operation is one user operation, but is split into multiple types of operations.
• Entity Type: An identifier of the type of the entity that was addressed by the operation. Available entity types are listed in the class org.operaton.bpm.engine.EntityTypes. Like the operation type, one operation may address more than one type of entity.
• Category: The name of the category the operation is associated with. Available categories are listed in the interface org.operaton.bpm.engine.history.UserOperationLogEntry. For example, all task related runtime operations like claiming and completing tasks fall into the category .
• Annotation: An arbitrary text annotation set by a user for auditing reasons. Multiple log entries that belong to an operation have the same annotation.
• Entity IDs: A job log entry contains the entity IDs that serve to identify the entities addressed by the operation. For example, an operation log entry on a task contains the id of the task as well as the id of the process instance the task belongs to. As a second example, a log entry for suspending all process instances of a process definition does not contain individual process instance IDs but only the process definition ID.
• User ID: The ID of the user who performed the operation.
• Timestamp: The time at which the operation was performed.
• Changed Property: A user operation may change multiple properties. For example, suspension of a process instance changes the suspension state property. A log entry is created for each changed property involved in an operation.
• Old Property Value: The previous value of the changed property. A null value either indicates that the property was previously null or is not known.
• New Property Value: The new value of the changed property.

Annotation of user operation logs

User Operation Logs are helpful to audit manual operations. To make it obvious why a certain operation was performed, sometimes it is not enough to only log technical information (e. g. timestamp, operation type, etc.) but also add an annotation that puts the operation in the right business context.

You can directly pass an annotation for the following operations:

• Process Instance Modification

You can also set an annotation to an operation log which is already present:

An annotation can be set and cleared via Java API:

String operationId = historyService.createUserOperationLogQuery()
    .singleResult()
    .getOperationId();

String annotation = "Instances restarted due to wrong turn";
historyService.setAnnotationForOperationLogById(operationId, annotation);

historyService.clearAnnotationForOperationLogById(operationId);

Please note: Annotations are present on all entries that belong to an operation log.

Please also see the REST API reference for restref page="setAnnotationUserOperationLog" text="setting" tag="Historic-User-Operation-Log and restref page="clearAnnotationUserOperationLog" text="clearing" tag="Historic-User-Operation-Log annotations.

Glossary of operations logged in the user operation log

The following describes the operations logged in the user operation log and the entries that are created as part of it:

Entity Type	Operation Type	Category	Properties
Task	Assign	TaskWorker	assignee: The id of the user who was assigned to the task
	Claim	TaskWorker	assignee: The id of the user who claimed the task
	Complete	TaskWorker	delete: The new delete state, true
	Create	TaskWorker	No additional property is logged
	Delegate	TaskWorker	When delegating a task, three log entries are created, containing one of the following properties: delegation: The resulting delegation state, PENDING owner: The original owner of the task assignee: The user this task has been assigned to
	Delete	TaskWorker	delete: The new delete state, true
	Resolve	TaskWorker	delegation: The resulting delegation state, RESOLVED
	SetOwner	TaskWorker	owner: The new owner of the task
	SetPriority	TaskWorker	priority: The new priority of the task
	Update	TaskWorker	The manually changed property of a task, where manually means that a property got directly changed. Claiming a task via the TaskService wouldn't be logged with an update entry, but setting the assignee directly would be. One of the following is possible: description: The new description of the task owner: The new owner of the task assignee: The new assignee to the task dueDate: The new due date of the task
	DeleteHistory	Operator	nrOfInstances: the amount of decision instances that were deleted async: by default false since the operation can only be performed synchronously
ProcessInstance	Create	Operator	No additional property is logged
	Activate	Operator	suspensionState: The new suspension state, active
	Delete	Operator	In case of regular operation: No additional property is logged In case of batch operation: nrOfInstances: the amount of process instances that were deleted async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously deleteReason: the reason for deletion type: history in case of deletion of historic process instances
	ModifyProcessInstance	Operator	nrOfInstances: The amount of process instances modified async: true if modification was performed asynchronously as a batch, false if modification was performed synchronously processDefinitionVersion: The version of the process definition
	Suspend	Operator	suspensionState: The new suspension state, suspended
	Migrate	Operator	processDefinitionId: The id of the process definition that instances are migrated to nrOfInstances: The amount of process instances migrated nrOfVariables: The amount of set variables. Only present when variables were set async: true if migration was performed asynchronously as a batch, false if migration was performed synchronously
	RestartProcessInstance	Operator	nrOfInstances: The amount of process instances restarted async: true if restart was performed asynchronously as a batch, false if restart was performed synchronously
	DeleteHistory	Operator	nrOfInstances: the amount of process instances that were deleted async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously deleteReason: the reason for deletion. This property exists only if the operation was performed asynchronously
	CreateIncident	Operator	incidentType: The type of incident that was created configuration: The configuration of the incident that was created
	Resolve	Operator	incidentId: The id of the incident that was resolved
	SetRemovalTime	Operator	async: true if operation was performed asynchronously as a batch nrOfInstances: The amount of updated instances removalTime: The date of which an instance shall be removed mode: CALCULATED_REMOVAL_TIME if the removal time was calculated, ABSOLUTE_REMOVAL_TIME if the removal time was set explicitly, CLEARED_REMOVAL_TIME if the removal time was cleared hierarchical: true if the removal time was set across the hiearchy, false if the hierarchy was neglected
	SetVariables	Operator	async: true if operation was performed asynchronously as a batch nrOfInstances: The amount of affected instances nrOfVariables: The amount of set variables
	CorrelateMessage	Operator	async: true if operation was performed asynchronously as a batch nrOfInstances: The amount of affected instances nrOfVariables: The amount of set variables messageName: The name of the correlated message
Incident	SetAnnotation	Operator	incidentId: the id of the annotated incident
	ClearAnnotation	Operator	incidentId: the id of the annotated incident
IdentityLink	AddUserLink	TaskWorker	candidate: The new candidate user associated
	DeleteUserLink	TaskWorker	candidate: The previously associated user
	AddGroupLink	TaskWorker	candidate: The new group associated
	DeleteGroupLink	TaskWorker	candidate: The previously associated group
Attachment	AddAttachment	TaskWorker	name: The name of the added attachment
	DeleteAttachment	TaskWorker	name: The name of the deleted attachment
JobDefinition	ActivateJobDefinition	Operator	suspensionState: the new suspension state active
	SetPriority	Operator	overridingPriority: the new overriding job priority. Is null, if the priority was cleared.
	SuspendJobDefinition	Operator	suspensionState: the new suspension state suspended
ProcessDefinition	ActivateProcessDefinition	Operator	suspensionState: the new suspension state active
	SuspendProcessDefinition	Operator	suspensionState: the new suspension state suspended
	Delete	Operator	cascade: if the value is set to true, then all instances including history are also deleted.
	UpdateHistoryTimeToLive	Operator	historyTimeToLive: the new history time to live.
DecisionDefinition	UpdateHistoryTimeToLive	Operator	historyTimeToLive: the new history time to live. decisionDefinitionId: the id of the decision definition whose history time to live is updated. decisionDefinitionKey: the key of the decision definition whose history time to live is updated.
	Evaluate	Operator	decisionDefinitionId: the id of the decision definition that was evaluated. decisionDefinitionKey: the key of the decision definition that was evaluated.
CaseDefinition	UpdateHistoryTimeToLive	Operator	historyTimeToLive: the new history time to live. caseDefinitionKey: the key of the case definition whose history time to live is updated.
Job	ActivateJob	Operator	suspensionState: the new suspension state active
	SetPriority	Operator	priority: the new priority of the job
	SetJobRetries	Operator	retries: the new number of retries nrOfInstances: the number of jobs that were updated. async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously
	SuspendJob	Operator	suspensionState: the new suspension state suspended async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously
	Execute	Operator	No additional property is logged
	Delete	Operator	No additional property is logged
	SetDueDate	Operator	duedate: the new due date of the job
	RecalculateDueDate	Operator	creationDateBased: if the value is set to true, the new due date was calculated based on the creation date of the job. Otherwise, it was calculated using the date the recalcuation took place. duedate: the new due date of the job
	CreateHistoryCleanupJobs	Operator	immediatelyDue: true if the operation was performed immediately, false if the operation was scheduled regularly
Variable	ModifyVariable	Operator/ TaskWorker	No additional property is logged
	RemoveVariable	Operator/ TaskWorker	No additional property is logged
	SetVariable	Operator/ TaskWorker	No additional property is logged
	DeleteHistory	Operator	In case of single operation: name: the name of the variable whose history was deleted In case of list operation by process instance: No additional property is logged
Deployment	Create	Operator	duplicateFilterEnabled: if the value is set to true, then during the creation of the deployment the given resources have been checked for duplicates in the set of previous deployments. Otherwise, the duplicate filtering has been not executed. deployChangedOnly: this property is only logged when duplicateFilterEnabled is set to true. If the property value is set to true then only changed resources have been deployed. Otherwise, all resources are redeployed if any resource has changed.
	Delete	Operator	cascade: if the value is set to true, then all instances including history are also deleted.
Batch	ActivateBatch	Operator	suspensionState: the new suspension state active
	SuspendBatch	Operator	suspensionState: the new suspension state suspended
	Delete	Operator	cascadeToHistory: true if historic data related to the batch job is deleted as well, false if only the runtime data is deleted.
	DeleteHistory	Operator	No additional property is logged
	SetRemovalTime	Operator	async: true if operation was performed asynchronously as a batch nrOfInstances: The amount of updated instances removalTime: The date of which an instance shall be removed mode: CALCULATED_REMOVAL_TIME if the removal time was calculated, ABSOLUTE_REMOVAL_TIME if the removal time was set explicitly, CLEARED_REMOVAL_TIME if the removal time was cleared
ExternalTask	SetExternalTaskRetries	Operator	retries: the new number of retries nrOfInstances: the amount of external tasks that were updated async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously
	SetPriority	Operator	priority: the new priority
	Unlock	Operator	No additional property is logged
DecisionInstance	DeleteHistory	Operator	nrOfInstances: the amount of decision instances that were deleted async: true if operation was performed asynchronously as a batch, false if operation was performed synchronously deleteReason: the reason for deletion. This property exists only if operation was performed asynchronously
	SetRemovalTime	Operator	async: true if operation was performed asynchronously as a batch nrOfInstances: The amount of updated instances removalTime: The date of which an instance shall be removed mode: CALCULATED_REMOVAL_TIME if the removal time was calculated, ABSOLUTE_REMOVAL_TIME if the removal time was set explicitly, CLEARED_REMOVAL_TIME if the removal time was cleared hierarchical: true if the removal time was set across the hiearchy, false if the hierarchy was neglected
CaseInstance	DeleteHistory	Operator	nrOfInstances: The amount of case instances that were deleted. Only present if executed in bulk delete.
Metrics	Delete	Operator	timestamp: The date for which all metrics older than that have been deleted. Only present if specified by the user. reporter: The reporter for which all metrics reported by it have been deleted. Only present if specified by the user.
TaskMetrics	Delete	Operator	timestamp: The date for which all task metrics older than that have been deleted. Only present if specified by the user.
OperationLog	SetAnnotation	Operator	operationId: the id of the annotated operation log
	ClearAnnotation	Operator	operationId: the id of the annotated operation log
Filter	Create	TaskWorker	filterId: the id of the filter that been created
	Update	TaskWorker	filterId: the id of the filter that been updated
	Delete	TaskWorker	filterId: the id of the filter that been deleted
User	Create	Admin	userId: the id of the user that has been created
	Update	Admin	userId: the id of the user that has been updated
	Delete	Admin	userId: the id of the user that has been deleted
	Unlock	Admin	userId: the id of the user that has been unlocked
Group	Create	Admin	groupId: the id of the group that has been created
	Update	Admin	groupId: the id of the group that has been updated
	Delete	Admin	groupId: the id of the group that has been deleted
Tenant	Create	Admin	tenantId: the id of the tenant that has been created
	Update	Admin	tenantId: the id of the tenant that has been updated
	Delete	Admin	tenantId: the id of the tenant that has been deleted
Group membership	Create	Admin	userId: the id of the user that has been added to the group groupId: the id of the group that the user has been added to
	Delete	Admin	userId: the id of the user that has been deleted from the group groupId: the id of the group that the user has been deleted from
TenantMembership	Create	Admin	tenantId: the id of the tenant that the group or user was associated with userId: the id of the user that has been associated with the tenant. Is not present if the groupId is set groupId: the id of the group that has been associated with the tenant. Is not present if the userId is set
	Delete	Admin	tenantId: the id of the tenant that the group or user has been deleted from userId: the id of the user that has been deleted from the tenant. Is not present if the groupId is set groupId: the id of the group that has been deleted from the tenant. Is not present if the userId is set
Authorization	Create	Admin	permissions: the list of permissions that has been granted or revoked permissionBits: the permissions bit mask that is persisted with the authorization type: the type of authorization, can be either 0 (GLOBAL), 1 (GRANT) or 2 (REVOKE) resource: the name of the resource type resourceId: The id of the resource. Can be * if granted or revoked for all instances of the resource type. userId: The id of the user the authorization is bound to. Can be * if granted or revoked for all users. Is not present when groupId is set. groupId: The id of the group the authorization is bound to. Is not present when userId is set.
	Update	Admin	permissions: the list of permissions that has been granted or revoked permissionBits: the permissions bit mask that is persisted with the authorization type: the type of authorization, can be either 0 (GLOBAL), 1 (GRANT) or 2 (REVOKE) resource: the name of the resource type resourceId: The id of the resource. Can be * if granted or revoked for all instances of the resource type. userId: The id of the user the authorization is bound to. Can be * if granted or revoked for all users. Is not present when groupId is set. groupId: The id of the group the authorization is bound to. Is not present when userId is set.
	Delete	Admin	permissions: the list of permissions that has been granted or revoked permissionBits: the permissions bit mask that is persisted with the authorization type: the type of authorization, can be either 0 (GLOBAL), 1 (GRANT) or 2 (REVOKE) resource: the name of the resource type resourceId: The id of the resource. Can be * if granted or revoked for all instances of the resource type. userId: The id of the user the authorization is bound to. Can be * if granted or revoked for all users. Is not present when groupId is set. groupId: The id of the group the authorization is bound to. Is not present when userId is set.
Property	Create	Admin	name: the name of the property that was created
	Update	Admin	name: the name of the property that was updated
	Delete	Admin	name: the name of the property that was deleted