CardioLog Analytics SaaS's architecture is built upon four main layers:
- Data Source - This layer includes all the main sources that CardioLog Analytics SaaS can track, including Office 365, SharePoint 2013, 2016, 2019, Teams and Yammer.
- Data Capturing - This layer combines both tracking of user behavior with data pulled from various APIs.
This data is combined with information that we get from Microsoft APIs, like portal content, structure, users, groups, profile attributes and much more.
- Data Processing - Once data is captured, there is a mechanism that processes the data and combines it into analytics that are displayed in reports.
- Data Visualization - The processed information is displayed at the Data Visualization level. The data is visualized through Power BI, a powerful visualization tool provided by Microsoft.
CardioLog Analytics SaaS Schematic Overview
CardioLog Analytics SaaS Architecture Diagram
Data Collected by CardioLog Analytics
To enable CardioLog Analytics to provide distinctive reports with exceptional value, the solution is required to collect, store and process more data and information than most generic analytic solutions.
Data collected by CardioLog Analytics for SharePoint and Microsoft 365 apps (such as Teams, Yammer, OneDrive and Exchange Online) includes the following:
- SharePoint portal tree structure (via Microsoft API): SharePoint content information including page ID; page URL; title; content type; template; owner; editor; date created; date updated; size; and additional optional metadata fields (configurable).
- Azure Active Directory or SharePoint user profiles (via Microsoft API): User information including user account name; user principal name; user display name; email address; and additional optional attributes such as department and location (configurable)
- SharePoint Social activity (via Microsoft API): Social activity information such as ratings; likes; follows; comments etc.
- Teams activity (via Microsoft API): Teams information including team name; type; owner; date created; members, and social activity information such as number of messages; replies; reactions; mentions; meetings; calls; apps used; device types used; content shared and channel messages content - optional (configurable)
- Yammer activity (via Microsoft API): Yammer groups information including group name; group URL; date created, and social activity information such as number of messages; replies; likes; message excerpt etc.
- OneDrive activity (via Microsoft API): OneDrive content information including file name; owner; editor; date created; date updated; size; and usage information such as number of creations; modifications; deletions; shares etc.
- Exchange Online activity (via Microsoft API): Exchange usage information including email traffic; apps used; storage used; and email subject - optional (configurable)
- Custom events (via Extended Tracking API): Custom usage information including custom visitor actions performed in the monitored environments and/or in custom applications - optional
An event is any action a user makes in the monitored environment.
The following events are collected via page tagging for SharePoint:
- Page view
- Document view/download
- Page duration (time spent on page)
- Page load time
- Page interactions (such as scroll) - optional
- External link click
- Search result click
- Search result preview
- Video interactions (such as play/auto play/pause/stop/seek/full screen/sound) - optional
Data Subject Rights Requests – Inlock provides a self service functionality (operated by the customer's IT administrator) to resolve data subject requests and opt out users from data collection and delete their history data.
With this functionality Intlock performs its obligation under applicable Data Protection Legislation to fulfill requests by individuals to exercise their rights (e.g., as applicable, erasure, restriction, and opt-out). In the event that a Data Subject Request is made directly to Intlock, Intlock shall not respond to such communication directly without the customer's prior consent, other than to acknowledge receipt of the request, unless required by the Applicable Data Protection Law.