cancel
Showing results for 
Search instead for 
Did you mean: 

Capturing Audit Log during Credential update in Credentials using BOT account (Runtime Resource)

Anonymous
Not applicable
Dear Team, As of now, If credentials of an underlying application or machine credentials (AD) are changed by bot account and update the credentials back in credential manager, Audit log is not capturing the update details, which is security concern. I would request you to please check and try to implement the same in next version as an enhancement.  This is occurring due to accessibility previleges are not enabled for Credentials in the Runtime Resource Role.
1 REPLY 1

david.l.morris
Level 15
First, let me mention I completely agree that this information should be recorded somewhere. I should be able to see, for example, the last time a credential was updated and by what user it was updated. I am not sure whether the current Audit Log feature is the right place for that though. I almost feel like the actions performed by a Runtime Resource should be logged into a different table in the DB entirely. In a way, the session logs do this, but session logging can be disabled so it's not great for audit purposes. From what I've seen, the purpose of the Audit Log is more for human user interaction with the Blue Prism environment. It is not an audit log of actions performed by the bots. The idea is to have a record of what people did while they were logged in. Bots are not sentient and they only do exactly what they were programmed to do. So, in my opinion, the problem is wider than just the updating of credentials to be logged in the audit log. It would also extend to the retrieval and use of credentials, the opening of applications, the writing of data to anywhere, etc.. For example, if you want to monitor the bots' use of credentials, then it should also say every time that a password was retrieved and what application that password was written into. So, I second this suggestion, but I think it should be in a new section such as RR Audit Log or something like that.

Dave Morris, 3Ci at Southern Company