System Architecture

CardioLog Analytics SaaS's architecture is built upon four main layers:

  1. Data Source - This layer includes all the main sources that CardioLog Analytics SaaS can track, including Office 365, SharePoint 2013, 2016, 2019, Teams and Yammer.  
  2. Data Capturing - This layer combines both tracking of user behavior with data pulled from various APIs. 
    The user behavior is captured by a JavaScript code, which allows for tracking all kinds of information including what pages users viewed and what they searched for. 
    This data is combined with information that we get from Microsoft APIs, like portal content, structure, users, groups, profile attributes and much more. 
  3. Data Processing - Once data is captured, there is a mechanism that processes the data and combines it into analytics that are displayed in reports. 
  4. Data Visualization - The processed information is displayed at the Data Visualization level. The data is visualized through Power BI, a powerful visualization tool provided by Microsoft.

 

CardioLog Analytics SaaS Schematic Overview


CardioLog Analytics SaaS Architecture Diagram


Data Collected by CardioLog Analytics

In order to provide enhanced reports and meaningful insights to stakeholders to better understand and improve the business, the CardioLog Analytics solution collects, processes and stores data from various sources. Some of these sources are shared (such as the Microsoft APIs, SharePoint user profiles and Microsoft Azure Active Directory) and some are the unique IP of CardioLog Analytics (such as the JavaScript tracking agent).

Please note that the JavaScript tracking agent relies on the following SharePoint objects in the SharePoint page model spPageContextInfo and spClientContextInfo (which are included on all SharePoint pages by default) in order to collect information about the current user and page.

To enable CardioLog Analytics to provide distinctive reports with exceptional value, the solution is required to collect, store and process more data and information than most generic analytic solutions.

Data collected by CardioLog Analytics for SharePoint and Microsoft 365 apps (such as Teams, Yammer, OneDrive and Exchange Online) includes the following:

  1. SharePoint page tagging (via JavaScript tracking agent): Usage information including page URL; query string; date and time; user ID; IP address (configurable); session ID; browser type and operating system; search terms; position of clicked search results; amount of time spent on a page; page loading time.
  2. SharePoint portal tree structure (via Microsoft API): SharePoint content information including page ID; page URL; title; content type; template; owner; editor; date created; date updated; size; and additional optional metadata fields (configurable).
  3. Azure Active Directory or SharePoint user profiles (via Microsoft API): User information including user account name; user principal name; user display name; email address; and additional optional attributes such as department and location (configurable)
  4. SharePoint Social activity (via Microsoft API): Social activity information such as ratings; likes; follows; comments etc.
  5. Teams activity (via Microsoft API): Teams information including team name; type; owner; date created; members, and social activity information such as number of messages; replies; reactions; mentions; meetings; calls; apps used; device types used; content shared and channel messages content - optional (configurable)
  6. Yammer activity (via Microsoft API): Yammer groups information including group name; group URL; date created, and social activity information such as number of messages; replies; likes; message excerpt etc.
  7. OneDrive activity (via Microsoft API): OneDrive content information including file name; owner; editor; date created; date updated; size; and usage information such as number of creations; modifications; deletions; shares etc.
  8. Exchange Online activity (via Microsoft API): Exchange usage information including email traffic; apps used; storage used; and email subject - optional (configurable)
  9. Custom events (via Extended Tracking API): Custom usage information including custom visitor actions performed in the monitored environments and/or in custom applications - optional  

An event is any action a user makes in the monitored environment.

The following events are collected via page tagging for SharePoint:

  1. Page view
  2. Document view/download
  3. Page duration (time spent on page)
  4. Page load time
  5. Page interactions (such as scroll) - optional
  6. External link click
  7. Search
  8. Search result click
  9. Search result preview
  10. Video interactions (such as play/auto play/pause/stop/seek/full screen/sound) - optional

Data Subject Rights Requests – Inlock provides a self service functionality (operated by the customer's IT administrator) to resolve data subject requests and opt out users from data collection and delete their history data.
With this functionality Intlock performs its obligation under applicable Data Protection Legislation to fulfill requests by individuals to exercise their rights (e.g., as applicable, erasure, restriction, and opt-out). In the event that a Data Subject Request is made directly to Intlock, Intlock shall not respond to such communication directly without the customer's prior consent, other than to acknowledge receipt of the request, unless required by the Applicable Data Protection Law.


  • No labels