Audit & Security Reports
AccuArk's Audit & Security reports provide a comprehensive trail of system access events and sensitive business actions. These reports are organized into two groups: system access audits that track who logged in, when, and what permissions changed; and sensitive action audits that track high-risk business operations such as voids, price overrides, manual discounts, and inventory adjustments.
All eight reports are presets within the Audit Report form.
How to Access
Open audit reports from the main menu:
System Access Audits:
- Reports > Audit & Security > Login Audit — opens with the LoginAudit preset
- Reports > Audit & Security > Lockouts / Auth Failures — opens with the Lockouts preset
- Reports > Audit & Security > User Sessions — opens with the UserSessions preset
- Reports > Audit & Security > Permission Changes — opens with the PermissionChanges preset
Sensitive Action Audits:
- Reports > Audit & Security > Sensitive Actions > Voids / Refunds Approvals — opens with the VoidsRefundsApprovals preset
- Reports > Audit & Security > Sensitive Actions > Price Overrides Audit — opens with the PriceOverrides preset
- Reports > Audit & Security > Sensitive Actions > Manual Discounts Audit — opens with the ManualDiscounts preset
- Reports > Audit & Security > Sensitive Actions > Inventory Adjustments Audit — opens with the InventoryAdjustments preset
All menu entries open the same Audit Report form. You can switch between presets at any time using the Preset dropdown.
Required Permission
You must have the RPT_VIEW_AUDIT permission to access these reports. Super Admins and Location Admins have this permission by default.
Filters
All eight presets share the same filter controls:
| Filter | Description |
|---|---|
| Location | Filter to a specific location or choose All Locations |
| Date From / Date To | The reporting period |
After changing any filter, click Refresh or press F5 to reload the data.
System Access Audits
These four presets focus on who is accessing the system and how authentication and authorization are being managed.
Login Audit
The Login Audit preset shows every login and logout event recorded by the system. It queries the access_log table.
| Column | Description |
|---|---|
| Date/Time | When the event occurred |
| User | The username of the person who logged in or out |
| IP Address | The IP address of the machine used |
| Hostname | The computer name or hostname |
| Type | Login or Logout |
| Location | The location the user logged into |
Use cases: Verify that employees are logging in during expected hours. Investigate unauthorized access by checking IP addresses and hostnames. Confirm that users are logging out at end of shift rather than leaving sessions open.
Lockouts / Auth Failures
The Lockouts preset shows failed authentication attempts and account lockout events. It queries the access_log table, filtering for failed login entries (type=0) and aggregating attempt counts.
| Column | Description |
|---|---|
| Date/Time | When the failure or lockout occurred |
| User | The username that was targeted |
| IP Address | The IP address of the failed attempt |
| Failed Attempts | The number of consecutive failed attempts |
| Last Failure Time | The timestamp of the most recent failed attempt |
Use cases: Detect brute-force login attempts against user accounts. Identify users who are repeatedly entering incorrect passwords and may need a password reset. Spot suspicious activity from unfamiliar IP addresses.
User Sessions
The User Sessions preset shows active and historical user sessions. It queries the user_sessions table.
| Column | Description |
|---|---|
| Session ID | The unique session identifier |
| User | The username |
| Machine | The computer or device name |
| Location | The location associated with the session |
| Login At | When the session started |
| Last Activity | The most recent activity timestamp |
| Logout At | When the session ended (blank if still active) |
| Logout Reason | How the session ended: user logout, timeout, forced disconnect, etc. |
| Is Active | Whether the session is currently active |
Use cases: See who is currently logged in across all locations. Identify sessions that have been inactive for a long time and may indicate an unattended workstation. Investigate abnormal session patterns such as a single user with multiple active sessions.
Permission Changes
The Permission Changes preset shows an audit trail of all role and permission modifications. It queries the permission_audit_log table.
| Column | Description |
|---|---|
| Date | When the change was made |
| Action | Grant, Revoke, or Modify |
| Target User | The user whose permissions were changed |
| Permission/Role | The specific permission or role that was affected |
| Old Value | The previous setting (for modifications) |
| New Value | The new setting |
| Performed By | The administrator who made the change |
Use cases: Maintain a complete audit trail of who has access to what and when it changed. Investigate security incidents by checking whether permissions were escalated before suspicious activity occurred. Support compliance requirements that mandate tracking of access control changes.
Sensitive Action Audits
These four presets focus on high-risk business operations that could indicate loss, fraud, or policy violations if performed improperly.
Voids / Refunds Approvals
The VoidsRefundsApprovals preset shows every void and refund transaction along with the manager who approved it. It queries the pos_activity_log table for void and refund activity types.
| Column | Description |
|---|---|
| Date | When the void or refund was processed |
| Invoice # | The affected invoice number |
| Type | Void or Refund |
| Amount | The dollar amount of the void or refund |
| User | The employee who initiated the action |
| Approving Manager | The manager who authorized the void or refund |
| Reason | The reason provided for the action |
Use cases: Monitor for excessive voids or refunds by specific employees. Verify that all voids and refunds have proper manager approval. Identify patterns such as frequent voids at a particular register or time of day that may indicate theft or process issues.
Price Overrides
The PriceOverrides preset shows every instance where an item's price was manually changed at the point of sale. It queries the pos_activity_log for price override activities.
| Column | Description |
|---|---|
| Date | When the override occurred |
| Invoice # | The invoice containing the overridden item |
| Item | The product whose price was changed |
| Original Price | The standard selling price |
| Override Price | The price that was actually charged |
| Difference | The amount of the price change (positive if increased, negative if decreased) |
| User | The employee who performed the override |
| Manager | The manager who authorized the override |
Use cases: Detect unauthorized price reductions that reduce revenue. Identify employees who frequently override prices downward. Verify that manager authorization is consistently required. Spot items that are regularly overridden, which may indicate that the standard price needs adjustment.
Manual Discounts
The ManualDiscounts preset shows all manually applied discounts (as opposed to automatic promotions or coupon-based discounts). It queries the pos_activity_log for manual discount activities.
| Column | Description |
|---|---|
| Date | When the discount was applied |
| Invoice # | The invoice that received the discount |
| Item/Invoice | Whether the discount was applied to a specific line item or to the entire invoice |
| Discount Type | Percentage or fixed dollar amount |
| Discount Amount | The value of the discount |
| User | The employee who applied the discount |
| Manager | The manager who authorized the discount, if applicable |
Use cases: Monitor total discount amounts to ensure they stay within acceptable thresholds. Identify employees who grant excessive discounts. Compare manual discount totals against automatic promotion discounts to understand the overall discount impact on revenue.
Inventory Adjustments
The InventoryAdjustments preset shows all manual stock quantity changes. It queries the inventory_stock_transactions table for adjustment transaction types.
| Column | Description |
|---|---|
| Date | When the adjustment was made |
| Item | The product name |
| SKU | The product SKU |
| Location | The location where the adjustment occurred |
| Old Qty | The quantity before the adjustment |
| New Qty | The quantity after the adjustment |
| Change | The difference between new and old quantities |
| User | The employee who performed the adjustment |
| Reason | The stated reason for the adjustment |
Use cases: Detect shrinkage by tracking negative adjustments that are not explained by sales or transfers. Ensure that all adjustments have a documented reason. Identify items that are frequently adjusted, which may indicate counting errors, receiving problems, or theft. Compare adjustment patterns across locations to spot anomalies.
Compliance and Loss Prevention
The Audit & Security reports serve two primary business functions:
Compliance
Many industries require businesses to maintain audit trails for system access and financial transactions. The system access audit reports (Login Audit, User Sessions, Permission Changes) provide the documentation needed to demonstrate that access controls are in place and being monitored. These reports can be exported to CSV or PDF for inclusion in compliance packages.
Loss Prevention
The sensitive action audit reports (Voids/Refunds, Price Overrides, Manual Discounts, Inventory Adjustments) are the primary tools for detecting and investigating internal loss. Loss prevention teams should review these reports regularly, looking for:
- Unusual volume — An employee with significantly more voids or overrides than their peers
- Pattern timing — Suspicious activity concentrated at specific times (e.g., just before or after closing)
- Missing authorization — Actions that should require manager approval but show the same person as both user and manager
- Round numbers — Inventory adjustments in suspiciously round numbers that do not match count sheets
For a complementary view of exception activity from the sales side, see the Exceptions & Loss Prevention Reports.
Tips
- Run weekly reviews — Schedule a weekly review of the Voids/Refunds and Price Overrides reports to catch issues early
- Cross-reference with exceptions — Pair audit reports with exception reports for a complete picture of loss risk
- Export for long-term archival — Export audit reports to PDF monthly and store them for compliance documentation
- Check sessions after hours — Use the User Sessions report to verify that no sessions remain active outside of business hours