The Activity Module option shows how Kiuwan manages notifications and how to get control over all the users' actions in the Kiuwan account.

Activity Module allows you to register and to get notified by email of all the performed actions in Kiuwan, helping you to record the information of different processes. Below, you can find how to view these actions and how to configure the recipients of the notifications.

Introduction to Activity module

The Activity module can be selected at the top-right drop-down menu.

The Activity module contains the following tabs:

Actions: A list of all the events that have taken place in the system.

Notifications: A list of all the notifications generated by the events in the system and are sent to the recipients configured. In the Notifications sub-menu, select Configurations to customize how and which notifications are generated in your system.

Actions

The ACTIONS tab helps you to keep track of all the events related to your Kiuwan account: what, where, when, and who. Use the filters to find specific elements.

Users with admin privileges can see all the events of the system, even those performed by any user of the account. Other users are only allowed to see their own events and those events performed by other users that directly affect them.

Below, is the detailed information on the ACTIONS tab:

Name	Description
Action	Short description of the action performed. The actions are the following: ANALYSIS_END, ASSIGN, CREATE, DELETE, DOWNLOAD, EXPORT, GENERATE, IMPORT, LICENSE, LOGIN, LOGOUT, and UPDATE. Each action is represented by different colors to identify them easier.
User	The user performs the action.
Date	The date when the action is performed.
Element Type	Type of action performed. It lists the type of actions, review List of type of actions.
Description	The information about the action.
Affected Items	User, model, application, or audit affected by this action.

Notifications

Relevant events in the system generate notifications to be sent to account users. In the NOTIFICATIONS tab, you can see all the listed notifications generated, with their related details.

Users with admin privileges can see all the notifications of the system, those performed by any user of the account. Other users are only allowed to see their own events and those events performed by other users that directly affect them.

Below, the detailed information of the ACTIONS tab:

Name	Description
Action	The action that triggers the notification. These actions are the following: CREATE, DELETE, UPDATE, DOWNLOAD, IMPORT, GENERATE, EXPORT, LICENSE, ANALYSIS_END, and ASSIGN. Each action is represented by different colors to identify them easier.
User	The user that performs the notification.
Date	The date when the notification is registered.
Notification Type	The type of notification.
Kind	Functional grouping of notifications are the following: Analysis: Notifications related to the execution of analysis. User Account: Notifications that are user account-related, for example, a disabled account. User Action: Notifications that are registered when a user performs different operations in the Kiuwan web or a user invokes API-REST services. Insights: Notifications generated by Insights services. Subscription: Notifications that are related to a subscription.
Status	Indicates the status of the notification. These statuses can be PENDING, DONE, and ERROR.
Message	The sent message to the recipients of the notification.
Destination	The email addresses list.
Affected Items	The notification fields that are affected. For example, Application, User, Models, Audits.

When you click See Recipients, the RECIPIENTS window opens. This window displays the recipients' list by User name and mail.

Configurations

Under the top-left corner of the NOTIFICATIONS screen, select Configuration from the drop-down menu.

The Configuration screen shows you a list of the type of notifications that Kiuwan provides for the user and the configuration options for each one of them

Only Users with User Management privileges have the Active column enable, having the option to check or uncheck the box under this column and assign a type of notification to users.

Below, is the detailed information on the CONFIGURATION option:

Name	Description
Name	Name of the notification.
Subject	The subject of the mail that the user receives when the notification is sent.
Message	The message that is sent to the recipients.
Kind	Functional grouping of notifications are the following: Analysis: Notifications related to the execution of analysis. User Account: Notifications that are user account-related, for example, a disabled account. User Action: Notifications that are registered when a user performs different operations in the Kiuwan web or a user invokes API-REST services. Insights: Notifications generated by Insights services. Subscription: Notifications that are related to a subscription.
Active	Shows if notification is enabled or disabled for all the users. The System notifications have this field checked by default, a user with User Management privileges can enable or disable this notification. When this checkbox is selected, the notification is generated.
Enabled for me	Indicated that a notification is enabled or not for the current user. When a user has notifications assigned, they can be enabled or disable despite the privileges of the user.
System	The System notifications are generated by Kiuwan automatically.

Assign type of notifications to different users

Only users with User Management privilege are allowed to assign recipients to a type of notification. Select Type of Notification and open the drop-down menu

The Assign option is enabled when the Active checkbox is selected.

The Assign window opens when you click the Assign option, which allows you to assign the type of notification to different users.

Name	Description
Name	Name of the notification.
Subject	The subject of the mail that the user receives when the notification is sent.
Message	The message that is sent to the recipients.
All users	Allows you to add all the users to this type of notification. If the All users checkbox is selected, the User Groups and Users are not used.
User Groups	Allows you to add user groups as recipients of this type of notification.
Users	When you click Add Users a window opens with a list of users. These users can be added to this type of notification. Also, when a user is added, the remove option displays and if the notification has been disabled by this user.
E-mails	Allows you to add up to ten email addresses.

Permission of type of notification

Each type of notification has a set of permissions defined. These permissions allow you to choose if the notification can be sent or not to a user. There are different types of permissions that a type of notification may require:

Manage User: When a user has this permission, receives the notification.
Manage Applications: When a user has this permission, receives the notification.
Manage Audits: When a user has this permission, receives the notification.
Manage Models: When a user has this permission, receives the notification.
- Application: When a user has permission for a specific application, receives the notification.
- User: When a user is affected by the notification, receives the notification. For example, the user gets notified if an action plan is assigned to him.
- SuperAdmin: When a user has the SuperAdmin role, receives the notification.
- Owner: When the user has the Owner role, receive the notification.

Conditions for a user to receive a notification

When a user is configured to receive a specific notification, is possible that the mail with this information is not received.

The user should meet the following requirements:

The user is configured to receive this type of notification.
The user is enabled.
The user has the permissions specified for this type of notification.
The type of notification has the Active checkbox to true.
The user has not disabled himself from this type of notification.

List of types of notifications

Name notification	Permissions	System
Action Plan Assign	Manage Users, User	No
Add Portfolio Group Application	Manage Applications	No
Add Report	Manage Reports	No
Add User Group	Manage Users	No
Analysis Cloud	Application	No
Analysis Finished Failed	Application	Yes
Analysis Finished Success	Application	Yes
Analysis KLA	Application	No
Audit Result FAIL	Application	No
Audit Result OK	Application	No
Create Action Plan	Application	No
Create Application	Manage Applications	No
Create Audit	Manage Audits	No
Create Model	Manage Models	No
Create Role	Manage Users	No
Create User	Manage Users	No
Delete Action Plan	Application	No
Delete Application	Application	No
Delete Audit	Manage Audits	No
Delete Model	Manage Models	No
Delete Portfolio Group Application	Manage Applications	No
Delete Report	Manage Reports	No
Delete Role	Manage Users	No
Delete User	Manage Users	No
Delete User Group	Manage Users	No
Generate Report	Manage Reports	No
Insight New Vulnerabilities	Application	Yes
Limit Analysis by Subscription	Superadmin, Owner	Yes
Limit Apps	Superadmin, Owner	Yes
Limit Lines of Code	Superadmin, Owner	Yes
Limit Login Attempts	Manage Users, User	Yes
Mute Defects Vulnerabilities	Application	No
Plan Expire	Superadmin, Owner	Yes
Publish Audit	Manage Audits	No
Publish Model	Manage Models	No
Remove Analysis	Application	No
Update Mute Defects Vulnerabilities	Application	No
Update Role	Manage Users	No
Update User Enable	Manage Users, User	Yes

List of type of actions

Name action
Activate Rule Model
Add Checkpoint Audit
Add Portfolio Group Application
Add Report
Add Secret Key
Add User Group
Analysis Cloud
Analysis KLA
Change Defects Status
Change Model Indicators
Change Password
Change Password Policy
Change Privacy Policy
Change User Accounts Policy
Change user administration privileges
Change user permission on application
Change user permission on portfolios
Change User Profile
Classify Application
Create Action Plan
Create Application
Create Audit
Create Custom Artifact Insight
Create Custom Vulnerability Insight
Create Model
Create Role
Create User
Deactive Rule Model
Delete Action Plan
Delete Application
Delete Audit
Delete Audit Version
Delete Checkpoint Audit
Delete Custom Artifact Insight
Delete Custom License Policy
Delete Custom Rules JAR
Delete Custom Vulnerability Insight
Delete Delivery
Delete Model
Delete Model Version
Delete Mute Defects Vulnerabilities
Delete Portfolio Group Application
Delete Report
Delete Role
Delete Rule
Delete Secret Key
Delete User
Delete User Group
Download Custom Config
Download Custom Rules JAR
Download KLA
Edit Action Plan
Edit Application
Edit Audit
Edit Checkpoint Audit
Edit Model
Edit Portfolio Group Application
Edit Report
Edit Rule
Execute Impact Analysis
Export to Threadfix
Generate Report
Generate Rules ZIP
Import Rule Sets
Install Rule Definitions
Lock Engine
Mark User as Owner
Modify Audit Version Tag
Modify Licenses Policies
Modify Model Application
Modify Model Version Tag
Modify Mute Vulnerabilities Insights
Mute Defects Vulnerabilities
Mute Vulnerabilities Insights
Promote to Baseline
Publish Audit
Publish Model
Remove Analysis
Remove Custom Config
Set Audit Application
Set Model as Default
Unlock Engine
Unmute Vulnerabilities Insights
Update Enabled Notification
Update Mute Defects Vulnerabilities
Update Role
Update User
Update User Password
Upgrade Model
Upload Custom Config
Upload Custom Rules JARs
Upload Image
User login
User logout

Page tree

Activity Module