Audit Log Viewer

The COMET system logs user activity from the moment they log in to COMET via the web UI or our native mobile apps.  The key information we store relates to each successful login, any changes to the data managed by Comet in our backend database (a.k.a. create, update, or delete commands), and any attempts to violate the permissions allocated to their user profiles.

The Audit Log Viewer allows the Superuser to quickly get an audit report directly from Comet WEB UI or the Comet Admin app.

Access in the Admin App

Access to the Admin app is available via a direct link, by adding /appadmin to your Comet homepage address, e.g. http://comet.concacaf.com/appadmin or http://comet.irishfa.com/appadmin . Access is authorized to users with Superuser role on the level of the National Association or Confederation (tenant level) via the SSO feature of our trusted Keycloak IAM system.

In the Comet Admin app, you will see a new menu option on the left called Audit Log. The screen is divided into three tabs, which allow you to search by either User, Entity, or Email. 

User Log

If you wish to investigate the activity of a specific user, you will be required to select this user from the list of all available users under your tenant (organization) and specify the time period of the activity that may be of interest to you by entering Date from and Date to. You can also narrow down the search to a more specific time in half-hour intervals.

Note:  Considering the large amount of data in the audit logs and the processing required for each search, the maximum time period has been limited to 15 days per search.  You will notice that the system automatically controls the end date of your search as soon as you select the start date.

When you complete the input parameters, you can start the search by clicking on the “Export to Excel” button below.  As the button clearly suggests, the generated results will be exported to Excel and emailed to the address provided in your user account.  

Entity Log

If you wish to investigate changes related to a specific entity, switch to the second tab of the Audit Log functionality. You must select one of the available entity types presented in the list: Person, Organization, Competition, Match, Case, or User. You must also enter the COMET ID of that same entity, be it a person or competition, etc.

As explained previously, when you complete the input parameters, you can start the search by clicking on the button “Export to Excel”.  The generated results will be exported to Excel and emailed to the address provided in your user account.  Please note that the search is designed to compile the report for that specific entity and related information. For example, when you search for a specific person, the system checks for any relevant changes to the person entity and the person’s registrations, contracts, contacts, titles and licenses, etc. 

Email Log

The third tab lets you see the emails sent to users from the system. You can specify the time period of the activity that may interest you by entering the Date from and Date to. You can also narrow the search to a more specific time in half-hour intervals. The Search bar enables you to narrow the results by entering the ID of the message sent and the username or email of the sender, recipient, or subject of the email.

The results are shown in the list in the figure below. Columns, in the order shown, present the following:

• ID - ID of the message sent, generated by the system,

• Date/Time - date and time when the message was sent

• Created by - username of the person who made an action that triggered sending a message

• Sender - email of the sender shown to the recipient

• Recipient - email of the recipient

• Subject - a subject of an email

• Attachments - this field is left empty if no attachments were added to an email; if an attachment was sent, the 📎 Paperclip icon is shown. The attachment can be seen by clicking on the row presenting this email (more below)

• Status - status of the message, Sent or Failed

• Error - this field is only filled out if there was some error in sending the message - the status of the message is set to FAILED

A click on a row containing a message enables you to see the content of the message sent, as well as the data already visible in the table. From here, you can also download the attachment presented with the 📎 Paperclip symbol in the table. Download an attachment by clicking on a downward arrow pointing next to the attached file's name.

Views Log

The Views Audit Log provides visibility into what resources and pages users have accessed, helping administrators ensure that system access is used strictly for legitimate business purposes. Unlike other logs, the volume of Views logs is significantly higher, which required the introduction of a new backend technology capable of aggregating and efficiently searching through billions of entries.

The Views Audit Log includes several powerful search and filtering features to help narrow down results:

• Date and time filters – to search for actions performed within a specific time range

• Username filter – to see activity tied to a specific user

• Global search – to search across all fields for keywords, URLs, or identifiers

The results are displayed in a structured list format, with each log entry containing the following columns:

• Date/Time – Timestamp of the view action

• Username – The user who performed the view

• Host – The server host where the request was received

• Port – The network port used

• URL – The full URL of the accessed resource

• Tenant – The tenant context in which the access occurred

This tool provides critical insight for maintaining transparency, auditing user access behavior, and ensuring data privacy compliance across your organization.

Examples:

Tracking Access to Player Profiles by a Specific User

To see which player profiles were accessed by a specific user, follow the steps:

1. In the global search field, enter the following string:
   "person/index.xhtml?personType=Player&id="
   This will filter for views related specifically to Player profiles.

2. In the Search by Username field, enter the username of the user you want to investigate

The result will display a list of all player profile views accessed by that user, including the date/time, URL, and other relevant details.

Identifying Users Who Accessed a Specific Player Profile

To find out which users have accessed a specific player’s profile, such as the player with ID 15193, follow these steps:

1. In the global search field, enter the player’s ID directly—for example:
   "15193"

2. Leave the Search by Username field empty if you want to see all users who accessed that profile.

The results will display a list of all authenticated users who accessed the profile containing that ID, along with details such as date/time, username, and accessed URL.

Access from Profiles in COMET UI

The report available from “Export to Excel”, described above, can be generated directly from the Comet UI. For any of the above-mentioned entities, the level Superuser can obtain the same Excel file by opening the entity-specific screen, clicking on Options, and selecting Audit Log.  For example, if you are investigating changes made to a player’s date of birth or a recent registration, you can open the profile of this player, click on the Options button (located below the photo), and click on Audit Log.  The same option is available on the profile of any Organization, Competition, Match, Disciplinary case or User.

Important Notes

• In multi-tenant implementations of COMET, audit results are filtered by tenant, which simply put means that you will be allowed to see activity related to your own users only.

• Time stamp in the Date/time field of each row is expressed in UTC (Universal Coordinated Time), which is a world-wide accepted standard.

• The logs are collected in the New Audit Log database as of 13 July 2022. Would you need to access Audit Log entries that were logged prior to that date, this will require the old procedure using the support channel.