Closer
  • Closer guides and FAQ
  • Back to Closer
  • Guide
    • Onboarding
      • Configure your widget
      • Install the widget on your website
      • Invite your team
      • Get the mobile app
      • Advanced Closer widget integration
    • Zacznij używać Closer
      • Przewodnik po platformie
      • Rozmowy
        • Inbox
    • Zarządzaj doradcami
      • Zaproś doradców firmy
      • Ustawienia doradcy
      • Grupuj doradców
    • Skonfiguruj routing
      • Wprowadzenie
      • Dodaj tagi
      • Reguły tagowania
      • Dodaj reguły tagowania
      • Grupuj tagi
      • Ustawienia grupy tagów
    • Getting deeper in dashboard
      • Conversations
        • Inbox
        • Conversation data
    • Getting deeper in widget
      • Widget guides
    • Notifications
    • How to
      • Schedule online meetings
      • Click to call
      • Tagging
      • Proactive messages
      • Set up skill-based routing
      • Manage your team’s workload
      • Force new user everytime in widget
      • User authorization callbacks
      • On deinit callback
      • Identify leads
      • Reports
      • SLA
      • Customer typing preview
      • Push out data with Webhooks
      • Routing
      • Widget OAuth configuration
      • Forms configuration
      • Org configuration API
      • Org configuration fields
      • Configure OMNI integration
      • Elasticsearch business logs
      • Elasticsearch security logs
      • Manage widget button
    • Contact us
    • Supported browsers
    • Upcoming features drafts
      • Business events structure (JSON) - Draft
  • FAQ
    • General
    • Bots
    • Calendar
    • Random
Powered by GitBook
On this page
  • Logs structure
  • Example event from elasticsearch

Was this helpful?

  1. Guide
  2. How to

Elasticsearch security logs

For enterprise clients we can provide our security logs from elasticsearch. Contact us for more details about connecting and pulling logs.

Logs structure

Our logs monitors all HTTP requests that could change configuration of your organization from users. All logs have @timestamp field which provides time when request was executed. Also you can find field message.source.ip containing requester ip address. When user is authenticated we include message.user.id field which provides user's ID in Closer and message.user.roles which describes roles of the user.

We also provide message.http.request.body and message.http.request.method so you can identify what action user was trying to made. Fields message.http.response.body and message.http.response.status_code gives you information about result of the action. Full url address at which user was executing request is provided in field message.url.full.

For better filtering of logs we provide fields message.event.category, message.event.kind, message.event.type, message.event.outcome and message.event.action. Those fields are compilant with ECS event fields. List of our event actions:

  • org_config_change- change made to general config of organization

  • free_org_creation- creation of org with free plan

  • stripe_org_creation- creation of org with paid plan

  • widget_logo_creation- creation of new logo on widget header

  • widget_logo_deletion- deletion of logo on widget header

  • widget_background_creation- creation of new background image on widget header

  • widget_background_deletion- deletion of background image on widget header

  • agent_profile_change- change made to agent profile

  • agent_deactivation- agent deactivation in organization

  • agent_restore- agent restore in organization

  • agent_login- agent login to closer using email and password

  • agent_login_with_magic_link- agent login using magic link

  • agent_logout- agent logout from closer

  • agent_password_change- agent password change from settings

  • agent_password_change_with_token- agent password change using token

  • agent_password_reset- agent password reset request

  • agent_skills_change- change of agent's skills

  • agent_preferences_change- change of agent preferences about notifications and inbox sorting

  • agent_limit_change- change of agent assigned conversations limit, currently not used

  • agent_role_change- change of agent's role, from admin or to admin

  • agent_invitation- invitation to organization for new agent

  • agent_invitation_acceptation- invitation to organization accepted from new agent

  • agent_avatar_creation- creation of new agent avatar

  • agent_avatar_deletion- deletion of agent avatar

  • unavailability_reason_creation- creation of unavailability reason for agent on unavailable status

  • unavailability_reason_change- change of unavailability reason for agent on unavailable status

  • unavailability_reason_deletion- deletion of unavailability reason for agent on unavailable status

  • bot_type_change- change of bot type in closer

  • lekta_config_creation- creation of lekta integration config for bot

  • lekta_config_change- change in lekta integration config for bot

  • event_action_config_creation- creation of event action config, response that is send by bot on specific event

  • event_action_config_change- change of event action config

  • event_action_config_deletion- deletion of event action config

  • ai_suggestions_config_change- change on ai suggestions config

  • ai_suggestions_intent_creation- creation of ai suggestions intent

  • ai_suggestions_intent_change- change of ai suggestions intent

  • ai_suggestions_intent_deletion- deletion of ai suggestions intent

  • ai_suggestions_dataset_creation- creation of ai suggestions dataset for nlu

  • ai_suggestions_dataset_change- change of ai suggestions dataset for nlu

  • ai_suggestions_dataset_deletion- deletion of ai suggestions dataset for nlu

  • widget_form_config_creation- creation of widget form config to display for customer on widget

  • widget_form_config_change- change of widget form config

  • widget_form_config_deletion- deletion of widget form config

  • oauth_authorization- authorization of customer using oauth

  • oauth_config_creation- creation of oauth config for customer authorization

  • oauth_config_change- change of oauth config

  • oauth_config_deletion- deletion of oauth config

  • proactive_messages_config_creation- creation of proactive message config displayed over widget

  • proactive_messages_config_change- change of proactive message config

  • proactive_messages_config_deletion- deletion of proactive message config

  • profanities_config_creation- creation of profanities config that is used to block some words for sending

  • profanities_config_change- change of profanities config

  • tag_mapping_config_creation- creation of tag mapping config for tagging customers on specific page

  • tag_mapping_config_change- change of tag mapping config

  • tag_mapping_config_deletion- deletion of tag mapping config

  • org_topic_creation- creation of topic in org

  • org_topic_change- change of topic in org

  • org_topic_deletion- deletion of topic in org

Example event from elasticsearch

{
  "_index": "closer",
  "_type": "entry",
  "_id": "s3baO3kBZbVQk2pxTK-w",
  "_version": 1,
  "_score": 0,
  "_source": {
    "@timestamp": "2021-05-05T09:27:12.529+0000",
    "message": {
      "event.kind": [
        "event"
      ],
      "event.category": [
        "configuration"
      ],
      "event.type": [
        "change",
        "user"
      ],
      "event.action": "agent_skills_change",
      "event.outcome": "success",
      "http.request.body.content": "{\"skills\":[\"skill\"]}",
      "http.request.method": "PUT",
      "http.response.status_code": 204,
      "user.id": "00000000-0000-0000-0000-000000000000",
      "user.roles": [
        "ADMIN"
      ],
      "source.ip": "/89.187.249.34",
      "url.full": "http://spinner.stage.closer.app/api/users/agents/00000000-0000-0000-0000-000000000000/skills",
      "ecs.version": "1.9"
    }
  }
}
PreviousElasticsearch business logsNextManage widget button

Last updated 2 years ago

Was this helpful?