Contents x
    Security Logs
      • PDF
      Contents

      Security Logs

        • PDF
        Article summary

        Article Overview

        The following article describes EasySend's security logs mechanism. 

        What are EasySend's Security Logs?

        An EasySend security log is a record of security-related events and activities that occur within the lifecycle of digital processes or EasySign documents. EasySend allows its customers to send security logs to their internal Traditional security information and event management (SIEM) systems.

        NOTE
        Please note that the configuration of your security logs mechanism is done internally by EasySend. For additional information, please contact our support team.

        Security Logs Configuration

        (See Figure 1 and Figure 2)

        Security logs can be enabled for digital processes and/or EasySign documents. 

        Figure 1: Security Logs

        Once the switch is toggled to on, the following options appear:

        • Select Service dropdown - this dropdown contains a list of services, the selected service will be the one configured to send the security log. A security log can be sent in one of the following service steps:
          • Email
          • Rest API
          • File storage
          • Encode/decode
        NOTE
        Because the security logs are sent through a service, it is possible to configure a different log per environment (DEV/PROD). 
        • Events dropdown - this dropdown contains a list of security events to include in the log:
          • All Events
          • Link Sent
          • Link Opened
          • Completed Step
          • Data Submitted
          • Completed
          • Authentication - this event includes One Time Password (OTP) events such as:
            • OTP sent
            • OTP resent
            • OTP passed
            • OTP failed
            • Session blocked

        Figure 2: Configuring Security Logs

        Security Log Structure

        The following is an example of a JSON for a log of an event:

        {
    // Generic data fields about the customer and the environment of the log.
    "message": "Security log",
    "environment": "customer-easysend",
    "product_type": "Player",
    "customer_id": "customer", 
    "specificCustomerName": "customer",
    "environment_type": "production",
    "player_version": "31.21.2",
    "server_url": "https://customer.easysend.app",
    
    // Specific data about this security event.
    "process_id": "Eafgucj6oCbDZxt9NVgI",
    "master_rid": "k03P5rnmq-8",
    "rid": "ygvRhMXpAqY",
    "role": "user",
    "security_event_type": "OPENED",
    "session_type": "digitalJourney",
    "eventGroup": "security_events",
    "ip": "199.203.234.130",    
    "is_co_browsing_on": false,
    "delivery_method": "send_link",
    "workflow_step_id": "xxxxxxxx",
    "authentication_method": "ssoCognito",
    "authentication_status": "success"
    
    // These attributes come OOTB with the default logger, we can include them in the webhook too.
    "logger": "es.log.player_backend.server.service.events_pubsub.subscribers.security_events_handler",
    "type": "python", 
    "execution_id": "97722750-893f-4fe0-bf21-26d6162a62aa",
    "hostname": "leumi-player-web-8895dbd5d-mqz5b",
    "LogSize": 1157,
    "path_name": "/app/player_backend/server/service/events_pubsub/subscribers/security_events_handler.py",
    "log_level": "INFO",
    "logging_version": 1,
    "@timestamp": "2024-07-30T16:48:53.990Z",
    "category": "Default",
    "commit_id": "ab48c12751e2c99c88b83b51c4152ef28027b38e",
}
        Was this article helpful?
        What's Next

        Can’t find what you’re looking for?

        Let us know what you need and we'll help you as soon as possible.

        Contact support