Accessing a user's search history
It seems as though one of the members of my organization has used their access to our contact information in a way that they shouldn't have. I've been tasked with proving that they searched for, and accessed the email addresses of contacts and then copied or exported this information.
Is it possible to find a record of "who searched what" in drupal CiviCRM? I am open to either using the interface or mysql backend directly.
search
asked Dec 5 '18 at 15:44
namgonamgo
433
add a comment |
It seems as though one of the members of my organization has used their access to our contact information in a way that they shouldn't have. I've been tasked with proving that they searched for, and accessed the email addresses of contacts and then copied or exported this information.
Is it possible to find a record of "who searched what" in drupal CiviCRM? I am open to either using the interface or mysql backend directly.
search
asked Dec 5 '18 at 15:44
namgonamgo
433
add a comment |
It seems as though one of the members of my organization has used their access to our contact information in a way that they shouldn't have. I've been tasked with proving that they searched for, and accessed the email addresses of contacts and then copied or exported this information.
Is it possible to find a record of "who searched what" in drupal CiviCRM? I am open to either using the interface or mysql backend directly.
search
asked Dec 5 '18 at 15:44
namgonamgo
433
It seems as though one of the members of my organization has used their access to our contact information in a way that they shouldn't have. I've been tasked with proving that they searched for, and accessed the email addresses of contacts and then copied or exported this information.
Is it possible to find a record of "who searched what" in drupal CiviCRM? I am open to either using the interface or mysql backend directly.
search
search
asked Dec 5 '18 at 15:44
namgonamgo
433
asked Dec 5 '18 at 15:44
namgonamgo
433
asked Dec 5 '18 at 15:44
namgonamgo
433
asked Dec 5 '18 at 15:44
namgonamgo
433
asked Dec 5 '18 at 15:44
namgonamgo
433
433
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
CiviCRM does not store information of who accessed what, for better and worse.
If you have the advanced logging turned on, you can see changes users made. The CMS may have a record of when they last accessed the site, if that's helpful. There's also an extension that adds a permission to restrict exports. While any of those might be helpful, none are what you're looking for, because it doesn't exist - sorry!
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
add a comment |
While there isn't a way to do it using native Civicrm - you might be able to get close using webserver logs - depends on how your server is set up and if they are still available for the time period concerned, and if the person was accessing the site from a location that no other users were, or will be identifiable by their user agent in combination with IP address. If they are using the same browser as everyone else and have done this on site then this solution isn't going to work.
Assuming your webserver logs ip address and uri (including parameters), and that the person accessing it is going to be identifiable via a unique IP address, or user agent or combination.
If it is recent you could use check the drupal watchdog table to look for ip addresses associated with the user. Then depending on what information is in your webserver you could use that to identify which requests have been made by that user.
If your webserver logs contain the full uri - including url parameters - then you should be able to filter down on pages at /civicrm/ (Assumming there is no ability to view/export contacts via drupal views). Specific types of pages in civi have the same base uri - with different parameters for different records. Run the steps you are looking for then look in the log to identify what shows.
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "605"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcivicrm.stackexchange.com%2fquestions%2f27592%2faccessing-a-users-search-history%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
CiviCRM does not store information of who accessed what, for better and worse.
If you have the advanced logging turned on, you can see changes users made. The CMS may have a record of when they last accessed the site, if that's helpful. There's also an extension that adds a permission to restrict exports. While any of those might be helpful, none are what you're looking for, because it doesn't exist - sorry!
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
add a comment |
CiviCRM does not store information of who accessed what, for better and worse.
If you have the advanced logging turned on, you can see changes users made. The CMS may have a record of when they last accessed the site, if that's helpful. There's also an extension that adds a permission to restrict exports. While any of those might be helpful, none are what you're looking for, because it doesn't exist - sorry!
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
add a comment |
CiviCRM does not store information of who accessed what, for better and worse.
If you have the advanced logging turned on, you can see changes users made. The CMS may have a record of when they last accessed the site, if that's helpful. There's also an extension that adds a permission to restrict exports. While any of those might be helpful, none are what you're looking for, because it doesn't exist - sorry!
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
CiviCRM does not store information of who accessed what, for better and worse.
If you have the advanced logging turned on, you can see changes users made. The CMS may have a record of when they last accessed the site, if that's helpful. There's also an extension that adds a permission to restrict exports. While any of those might be helpful, none are what you're looking for, because it doesn't exist - sorry!
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
answered Dec 5 '18 at 16:38
Jon G - Megaphone TechJon G - Megaphone Tech
26.1k11770
26.1k11770
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
add a comment |
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Should I make another post for who viewed what, in place of who searched for what, or would you be able to answer this in the comments?
– namgo
Dec 5 '18 at 17:09
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
Per Jon's comment, Civi does not have the capacity to store data about who viewed what in the database.
– Lesley Carter - BackOffice
Dec 5 '18 at 18:38
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
It should be possible to implement this as a feature in an extension - definitely for exports saving the user, timestamp + query and/or list of contact ids exported + and number of rows would be a great start. Having a copy of the file on hand might require too much space - and additional issues when you think about GDPR compliance etc.
– Luke Stewart
Dec 5 '18 at 22:07
add a comment |
While there isn't a way to do it using native Civicrm - you might be able to get close using webserver logs - depends on how your server is set up and if they are still available for the time period concerned, and if the person was accessing the site from a location that no other users were, or will be identifiable by their user agent in combination with IP address. If they are using the same browser as everyone else and have done this on site then this solution isn't going to work.
Assuming your webserver logs ip address and uri (including parameters), and that the person accessing it is going to be identifiable via a unique IP address, or user agent or combination.
If it is recent you could use check the drupal watchdog table to look for ip addresses associated with the user. Then depending on what information is in your webserver you could use that to identify which requests have been made by that user.
If your webserver logs contain the full uri - including url parameters - then you should be able to filter down on pages at /civicrm/ (Assumming there is no ability to view/export contacts via drupal views). Specific types of pages in civi have the same base uri - with different parameters for different records. Run the steps you are looking for then look in the log to identify what shows.
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
add a comment |
While there isn't a way to do it using native Civicrm - you might be able to get close using webserver logs - depends on how your server is set up and if they are still available for the time period concerned, and if the person was accessing the site from a location that no other users were, or will be identifiable by their user agent in combination with IP address. If they are using the same browser as everyone else and have done this on site then this solution isn't going to work.
Assuming your webserver logs ip address and uri (including parameters), and that the person accessing it is going to be identifiable via a unique IP address, or user agent or combination.
If it is recent you could use check the drupal watchdog table to look for ip addresses associated with the user. Then depending on what information is in your webserver you could use that to identify which requests have been made by that user.
If your webserver logs contain the full uri - including url parameters - then you should be able to filter down on pages at /civicrm/ (Assumming there is no ability to view/export contacts via drupal views). Specific types of pages in civi have the same base uri - with different parameters for different records. Run the steps you are looking for then look in the log to identify what shows.
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
add a comment |
While there isn't a way to do it using native Civicrm - you might be able to get close using webserver logs - depends on how your server is set up and if they are still available for the time period concerned, and if the person was accessing the site from a location that no other users were, or will be identifiable by their user agent in combination with IP address. If they are using the same browser as everyone else and have done this on site then this solution isn't going to work.
Assuming your webserver logs ip address and uri (including parameters), and that the person accessing it is going to be identifiable via a unique IP address, or user agent or combination.
If it is recent you could use check the drupal watchdog table to look for ip addresses associated with the user. Then depending on what information is in your webserver you could use that to identify which requests have been made by that user.
If your webserver logs contain the full uri - including url parameters - then you should be able to filter down on pages at /civicrm/ (Assumming there is no ability to view/export contacts via drupal views). Specific types of pages in civi have the same base uri - with different parameters for different records. Run the steps you are looking for then look in the log to identify what shows.
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
While there isn't a way to do it using native Civicrm - you might be able to get close using webserver logs - depends on how your server is set up and if they are still available for the time period concerned, and if the person was accessing the site from a location that no other users were, or will be identifiable by their user agent in combination with IP address. If they are using the same browser as everyone else and have done this on site then this solution isn't going to work.
Assuming your webserver logs ip address and uri (including parameters), and that the person accessing it is going to be identifiable via a unique IP address, or user agent or combination.
If it is recent you could use check the drupal watchdog table to look for ip addresses associated with the user. Then depending on what information is in your webserver you could use that to identify which requests have been made by that user.
If your webserver logs contain the full uri - including url parameters - then you should be able to filter down on pages at /civicrm/ (Assumming there is no ability to view/export contacts via drupal views). Specific types of pages in civi have the same base uri - with different parameters for different records. Run the steps you are looking for then look in the log to identify what shows.
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
answered Dec 5 '18 at 20:04
Luke StewartLuke Stewart
523114
523114
add a comment |
add a comment |
Thanks for contributing an answer to CiviCRM Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcivicrm.stackexchange.com%2fquestions%2f27592%2faccessing-a-users-search-history%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
