The Audit Investigation Report in Generated Reports is intended to replace the Administration > Auditing functionality in Q2central and is expected to include a larger retention of data over time.
This report includes any Q2 audit actions that are available in an FI's environment and provides information about the usage of Q2 products by FI staff and end users. Audit actions may vary due to an FI's specific products, single sign-ons (SSOs), and SDK integrations that exist, if any.
If your FI has not yet been fully migrated to the new audit data source, most of your audit data will be available through Q2 Console Reporting, but a partial amount of data will still exist in Q2central's Administration > Auditing feature. Eventually, all audit data will only be available through Q2 Console Reporting for all FIs.
Note
Your FI may have already been fully migrated to the new audit data source. If this is the case, reporting of all audit data is accessible thorugh the Audit Investigation Report in Q2 Console Reporting.
For FIs that have not completed the audit data migration, the available Start Date and End Date selection criteria will determine what dates have audit data in Q2 Console and in Q2central. The last available (selectable) date in the parameters will contain some data in Q2central and some data in Q2 Console. We recommend FIs continue to monitor audit data and use both resources until the data migration is fully complete.
To view and use Generated Reports in Q2 Console Reporting, you'll need specific rights (permissions) assigned to you in Q2 Console Administration. CSR rights are configured on the Administration > CSR Roles page in Q2 Console.
For information on the required entitlements to view and run the Audit Investigation Report, see the Generated Reports rights section of section of Rights for CSR Roles in Q2 Console.
Select the Reporting tile from the main Q2 Console dashboard, then select the Generated Reports tab on the left navigation menu. In the Generate report tab, select Audit Investigation Report from the list of available report titles. This opens the report parameters.
Parameters within this report include:
-
Start Date (required)
-
End Date (required)
-
Primary parameter (required)—Options include Action List, User ID, Customer ID, Client Address/IP Address, Transaction ID, or Session ID.
Note
Depending on what primary parameter is selected, subsequent secondary report parameters (whether mandatory or optional) will display. If Action list is selected as a primary or secondary parameter, up to five audit actions may be selected at a time.
-
Show whether audit event was CSR assist (optional)—Select this parameter if you wish to know whether the audit event was from a CSR Assist session into the end user's online banking experience. If not selected, this information will not return in the generated report.
-
Show XML details (optional)—This parameter will return the raw XML data that shows additional details for the audit action, including the before and after data, if applicable. This data is not formatted, so if necessary, it is recommended you use a DiffGram tool to more easily view the before and after changes. If not selected, this information will not return in the generated report.
Tip
Select the tooltip next to the report title to see the earliest date you can retrieve data. Use the Start Date and End Date parameters to determine the earliest date you can retrieve data. This report uses the exact Date and Time parameter, which allows for the time stamps to be converted to your browser's time zone at the time of generation.
Caution
Because this report includes all audit events from the Q2 database, this report can return a large amount of data. Rather than browsing the entire report, it is highly recommended to select the minimum date range for your needs, ensure the primary parameter from which you wish to pull data is correct, and specify the parameters of your desired results as much as possible.
After the parameter selection is complete, select Run Report to generate the report. When completed, the generated report will display in the Reports tab. You can download or export the completed report as a CSV file.
Audit events may be related to or the management of features, products, and functionality. The following are examples of audit events that may be included in a generated Audit Investigation Report.
-
Single Sign-On (SSO) logins to integrated Q2 apps or other third-party apps from digital banking
-
Customers, Users, Accounts, Rights & Entitlements in User Management
-
Passwords for online banking and/or back office CSR users
-
Transactions in digital banking and back-office applications
-
Transaction code configurations in Administration
-
Administration features, such as bank holidays and password policy
-
Subsidiaries, Templates, and Recipients
-
Self-Service Forms by a CSR User
-
Secure Messages in digital banking and/or back office applications
-
Secure Access Codes (SAC) or updates to SAC targets
-
Information Reports in corporate banking (if applicable for the FI)
-
Contextual Personal Finance Management (cPFM) accounts and transactions (if applicable for the FI)
-
Prospective digital banking profiles in Interactive Test Drive (if applicable for an FI)
-
Statements and mobile deposit(s) in digital banking
-
Disclaimer Acceptance by a user in digital banking
-
Commercial banking policies
-
Session logins and authentication of online banking user(s) and/or back office user(s)
-
Managing CSR Users, CSR Roles and Group Access Mapping (GAM) team (if applicable for the FI)
-
Fee Plans in User Management
-
Digital banking alerts
-
Switching Zones in back-office applications
-
Voice and Text banking
-
Risk-Fraud Analytics
-
Plaid Integration
Note
The list above is not meant to be exhaustive; rather, it serves to provide examples of audit actions that may return when generating the Audit Investigation Report.
The following are examples of data points that may be included in a generated Audit Investigation Report:
-
Timestamps
-
Action details, including Audit ID
-
Channel/UI Source and Zone (if Zones apply to your FI)
-
Hierarchy details (such as Group, Customer, and User details)
-
CSR Admin User details
-
Account and Generated Transaction information
-
Errors that occurred
-
Session and Workstation information
-
Client address/IP address information
-
XML Details (if the XML details parameter is selected)
-
Is CSR Assist (If Is CSR Assist parameter is selected)
Note
The list above is not meant to be exhaustive; rather, it serves to provide examples of available audit data when generating the Audit Investigation Report.
For more information on generating reports in Q2 Console, see Generated Reports in Q2 Console Reporting.