Audit Trail and Sessions
The Audit Trail and Sessions pages are integral components of your entity Dashboard, designed for comprehensive monitoring of user actions and session dynamics. The Audit Trail feature offers a meticulously maintained log that enables administrators to trace and sift through the activities of administrators of all access levels, ensuring transparency and accountability across all tiers of the Frame platform's hierarchy.
Simultaneously, the Sessions page which features Frame's Sessions, accessible from the same Dashboard, delivers granular insights into the live session activities pertinent to the specific Organization or Account in focus. This documentation will navigate you through the processes of accessing and utilizing both the Audit Trail and Sessions pages to their full potential.
Audit Trail
The Audit Trail page is designed to provide relevant information at each hierarchical layer of the Frame Tenant. When accessed from an Account Dashboard, it will present access reports exclusively for that Account. Conversely, if you access it through an Organization entity, it will encompass audit logs for all associated subordinate accounts.
In the example below, we are accessing the Audit Trail page of an Organization, which is why we're able to view administrator activity across multiple accounts under that Organizational entity.
Administrators can search audit logs by first name, last name, and email address. Click the column titles to adjust the display order as desired.
If you would like to search for audit events within a certain time frame, click on the date range in the upper right corner of the section. Set your desired time frame by clicking on the starting and ending dates in the calendar view.
Using the filter icon in the top right corner, you can filter your results by specific account action.
Lastly, you can download the details of your Audit Trail in CSV format by clicking the blue Download CSV link in the upper right corner. The CSV will provide all Audit Trail details for the time frame specified to the left of the download link.
Sessions
The Sessions page provides a comprehensive overview of user sessions in a card-style format. Each session card includes a unique Session ID, the specific Account and user involved, and the instance type used during the session. Detailed metrics such as bandwidth usage, frame rate, and latency offer insights into the performance and quality of each session.
Accessible from the Customer, Organization, and Account-level Dashboards, the Sessions page also features search functionality to quickly locate specific sessions. Additionally, you can download session data as a CSV file for further analysis. This page is a pivotal resource for administrators to monitor and evaluate user engagement and system performance on the Frame platform.
Session Card Information
Each card provides comprehensive information about the session. As you can see below, the card is split up into 4 different sections. Just like the Audit Trail page, you can also narrow your Session page information down by selecting a date range in the upper right corner.
- First Section
- Second Section
- Third Section
- Fourth Section
| Info | Description |
|---|---|
| Status Indicator | The color of the bar shown in the far left side of the card indicates the session status. More details about session status can be found below. |
| Session ID | This unique identifier for the session is important when discussing a user session issue with Frame Support. |
| Account Details | Indicates if the session is Persistent, the name of the account, and the name of the Launchpad the session is tied to. |
| User | First name and last name of the user in session, as provided by a third-party identity provider integration or Basic Authentication. |
| Email address of the user accessing the session. | |
| Status Description | The gray box at the bottom of the card describes specifics about the status of the session. In this example, this closed session was "closed by user." |
| Info | Description |
|---|---|
| Instance Type | Name of the instance type for this workload VM. Instance type names are specific to the underlying infrastructure. In the case of AHV, the instance type name will be the name you defined under the AHV Cloud Account. |
| VM Name | Name of the workload VM. |
| Browser | The browser and browser version number being used to access the session. |
| OS | The type of operating system on the endpoint device being used to access the session. |
| Info | Description |
|---|---|
| Start Time | The time (UTC or local time of the administrator's endpoint) when the user connected to a virtual machine using Frame Remoting Protocol. |
| Session Duration | The time span from the session's start (when the user connected to a virtual machine) to its end (when the user logged out of the operating system). |
| IP Address | The IP address from which the session was accessed. |
| Info | Description |
|---|---|
| Bandwidth | Average bandwidth consumed during the session. Min, average, and max values can be viewed by hovering over the bandwidth value. For sessions with multiple displays, bandwidth metrics are cumulative across displays. |
| Latency | Average latency measured during the session. Min, average, and max values are displayed upon hovering over the latency value. |
| Frame Rate | Average frame rate during the session. Min, average, and max values can be revealed by hovering over the frame rate value. |
Hovering over the values within each card will display additional information.
Additionally, you can identify the status of the session at a glance by the color of the bar on the far left side of each card.
| Color and Status | Description |
|---|---|
Active | The session is currently in use. The status description will likely show "Active Session." |
Closed | Indicates a closed session. Admins may see "Closed by user" or "Idle timeout has expired" in the status description box. |
Failed | This status indicates a failed session. The gray status description box will show the word "FAILED" in red along with a failed reason, if available. |
Suspended | Suspended sessions will still be shown as active, however, they are in a suspended state. You can see suspended sessions by clicking the "Suspended" option from the session status dropdown menu at the top of the page. |
You can use the search bar under the section header by entering details such as a user's email, name, or Session ID. Select the first dropdown menu on the right side of the page to adjust the date range.
Click on the kebab menu listed next to any session and select Timeline to display a timeline view of session events.
Additionally, you can access the Logs for a session directly from the interface by selecting Log from the kebab menu of the desired session.
Administrators can close active sessions from this page as well by selecting the option within the kebab menu.
Download Session Data
Lastly, you can download the session data in CSV format by clicking the download icon at the top of the page. The CSV will provide all session details for the time frame specified to the left of the download link.
| Column | Details |
|---|---|
| Session ID | Unique identifier for the session. Important to provide when discussing a user session issue with Frame Support. |
| Workload ID | Unique identifier for the server used by the session. Important to provide when discussing a session or server issues with Frame Support. |
| First Name | First name of the session's user, as provided by a third-party identity provider integration, Basic Authentication, or if specified in a Secure Anonymous Token (SAT) request. |
| Last Name | Last name of the session's user, as provided by a third-party identity provider integration, Basic Authentication, or if specified in a Secure Anonymous Token (SAT) request. |
| Identity Provider | Name of the Identity Provider(IdP) used by Frame. |
| The email address of the session's user, as provided by a third-party identity provider integration or Basic Authentication. | |
| IP Address | IP address from where the session start request originated (Usually the IP address of the system where the browser started the session). |
| City | Geolocated city from where the session start request originated, derived from the user's IP address. |
| Distance | Distance in miles from the originating request's geolocation to the workload VM's geolocation. |
| System | The pool type used for the session (e.g., Production, Sandbox, Utility). |
| Instance Type | Name of the instance type for this workload VM. Instance type names are specific to the underlying infrastructure. In the case of AHV, the instance type name will be the name you defined under the AHV Cloud Account. This name corresponds to the name of the pool in Capacity. |
| Ram Memory | Amount of RAM allocated to the instance type. |
| vCPU | Number of virtual CPUs available to the instance type. |
| GPU | GPU identifier for the instance type/infrastructure. |
| State | Current state of the session (e.g., 'closed'). |
| Start | Time when the user was connected to a virtual machine using Frame Remoting Protocol (UTC or local time of administrator's endpoint). |
| End | Time when the user's session finished, after post-session processes (UTC or local time of administrator's endpoint). |
| Duration | Elapsed time in seconds from the start to the close of the session. |
| Bandwidth Fields (Multiple) | Min, average, and max bandwidth values consumed during the session. |
| Frame Rate Fields (Multiple) | Min, average, and max frame rate values during the session. |
| Latency Fields (Multiple) | Min, average, and max latency values measured during the session. |
| Metadata | Metadata passed into a session from the User's token (SAT or from IdP), set when the token is generated. |
| Launchpad ID | The Launchpad ID utilized when initiating the session. |