Pilot Data Server includes an audit feature (available to customers) that records write activity, providing insight into how the system is used over time. The audit is intended for operational overview and transparency.

What is Audited

The audit records write operations to Pilot Data Server:

  • HTTP POST

  • HTTP PUT

Typical examples include creating or updating templates and elements.

Read operations (GET) are not audited.

What Information is Recorded

Each audit entry represents a single write operation, and includes metadata such as:

  • Time of the operation.

  • Type of operation (POST / PUT).

  • User identity when single sign-on (SSO) is enabled.

  • Client IP address when SSO is not enabled.

Template payloads and full data content are not recorded.

How Audit Data is Stored

Audit data is stored locally on the machine running Pilot Data Server, in an internal database file.

Key characteristics:

  • Audit data is stored locally and not exposed through any API.

  • Audit data is not transmitted outside the PDS host.

  • Access to audit data requires operating system–level access to the server.

The audit log uses an internal integrity mechanism that manually modifies detectable entries.

Viewing Audit Data

An Audit Viewer is available from the Pilot Data Server Launcher.

image-20260205-072049.png

The Audit Viewer can be used to:

  • Review audit activity for a selected time period.

  • See the number of unique users performing write operations.

  • See the total number of write interactions.

  • Copy audit summary to clipboard.

  • Delete existing audit data and restart audit logging from scratch.

Deleting audit data does not affect normal operation of Pilot Data Server.

Configuration

Audit logging is enabled by default, but it can be disabled by setting the following option in the Pilot Data Server configuration file:

DisableAudit=True

This setting disables all audit logging and is intended as an exception mechanism.

Data Protection

Audit entries may contain personal data (as defined in the Vizrt Data Processing Addendum), such as user identifiers or IP addresses, depending on the authentication setup and use of the audit feature. Customers act as controllers in respect to any personal data contained in audit entries, and are solely responsible for ensuring its compliance with Applicable Data Protection Law in connection with its use.

Customers acknowledge and accept that:

  • Audit data is stored locally on the Pilot Data Server host, and is controlled by the customer.

  • No automatic reporting or external transmission of audit data is performed, unless expressly agreed between Vizrt and the customer.

  • Customers are responsible for retention control, access control, and deletion policies.

This feature is intended to provide usage insight and operational transparency, not employee monitoring or compliance enforcement.