The configuration contains a few simple steps that walk you through setting up CardioLog Engage.
CardioLog Engage Configuration Screen
Step 1: Choose Sites to Integrate with
In order to use the In-App Messages channel (pop-up messages in SharePoint) and target users based on their past behavior (such as pages they've visited), select which site collections you would like to integrate with. Sites are only available for use once the tracking code is deployed for them in the "Add the CardioLog Tracking Code to your Sites" step.
- Click Connect.
Note: A global administrator account is required in order to consent to the permissions required to read items from all site collections and read users' full profiles. - Click Accept to approve the required permissions.
Note: An App will be created in your Azure Active Directory. It may take up to 24 hours for changes to take effect. - With this section expanded, you should see all of your available SharePoint Online site collections.
CardioLog Engage Configuration Screen: Step 1 - Select all the sites you would like to integrate with.
- You can also search for site collections by typing in their name in the search bar.
Select the button next to each site you would like to integrate with.
In order to stop integrating with a specific site, but keep history data for it in usage reports, click on the folder icon
next to it in order to archive it.- Click Save to confirm your selection.
You can go back and add more sites or remove sites from your selection at any point.
Note: The number of site collections available for selection in your subscription is limited.
Please note that the integration process for large site collections may take a few hours up to a few weeks, depending on the environment size.
Step 2: Choose User Attributes
Using the search bar, enter the name of any property you would like to find and include.
Select the button next to each user property you would like to include.
CardioLog Engage Configuration Screen: Step 2 - Choose User AttributesIn case Personal Identifiable Information (PII) Concealment is enabled, hover over the user property you would like to conceal and click the gear icon.
Step 2 - Choose User Attributes - Configure PII Concealment
You will have the following options to choose from:- Unconcealed: Data for user profile attribute values is visible.
- Concealed: Data for user profile attribute values is concealed for enhanced security.
- Partially Concealed: Data for user profile attribute values is concealed only for groups with a size below the selected threshold. Partial concealment allows targeting and reporting on broader groups without compromising the privacy of individuals within smaller, potentially identifiable groups.
Step 2 - Choose User Attributes - PII Concealment OptionsClick Apply after selecting the concealment option.
Click Save to confirm your selection.
Properties may be added or removed at any time to accommodate your needs.
Step 3: Add The CardioLog Tracking Code To Your Sites
This step allows you to add the JavaScript tracking code to each of your sites.
Select one of the following options to add the tracking code to specific sites or deploy it on all selected site collections and their subsites automatically.
Note: If you would like to host the tracking code on a private CDN, please fill out the CDN details in the Advanced Settings before you proceed with adding the tracking code using one of the following options.
Install the tracking code automatically using a SharePoint App
Select this option to add the tracking code to all selected sites (in "Choose Sites to Integrate with" step) automatically using a SharePoint App.
Note: Use this method for installing the tracking code on all selected site collections, including automatically enabling it for newly created subsites under the selected site collections.
Create a SharePoint App
- Login to SharePoint with the Global Administrator account.
- Navigate to
https://<Admin Center>/_layouts/15/
AppRegNew.aspx
(e.g. https://company-admin.sharepoint.com/_layouts/15/AppRegNew.aspx). - Create a 'full-trust' app with the following details:
- Client ID and Secret - click Generate to automatically create a client ID and secret and copy these values.
- Title - CardioLog Analytics Tracking Deployment
- App Domain - localhost
- Redirect URI - https://localhost
- Navigate to
https://<Admin Center>/_layouts/15/
AppInv.aspx
(e.g. https://company-admin.sharepoint.com/_layouts/15/AppInv.aspx). Paste the client ID into the App Id field. Click Lookup. The existing values for Title, App Domain and Redirect URL should appear.
Enter the following XML into the App's Permission Request XML field to specify required permissions. Then click Create.
<AppPermissionRequests AllowAppOnlyPolicy=
"true"
>
</AppPermissionRequests>
You will be prompted to approve permissions for the app. Click Trust It.
Once the App is created, return to the CardioLog Engage configuration screen and enter the details of the Client ID and Client Secret in the "Add the CardioLog Tracking Code to your Sites" step.
Select Automatically track all subsites including newly created ones in order to automatically enable tracking for newly created subsites under the selected site collections (in "Choose Sites to Track" step).
- Select Notify me when client secret expires or is not working in order to receive an email alert to the specified email address. Follow these steps in order to renew the SharePoint App client secret if needed.
- Click Save.
- Click Install Tracking to install the tracking code on all selected site collections and their subsites.
Note: This step may take a while to complete, depending on the amount of selected sites. Follow the installation progress on the screen. - Click View installation report to view a detailed report of the installation progress. Click the top left down arrow icon to export the report to CSV.
Renew SharePoint App Client Secret
Execute the following PowerShell commands with the SharePoint Online Global Administrator account.
Edit the "Client ID" and use the Client ID value from the CardioLog Engage configuration screen in "Add the CardioLog Tracking Code to your Sites" step.
Connect-MsolService
$clientId =
"Client ID"
$keys = Get-MsolServicePrincipalCredential -AppPrincipalId $clientId -ReturnKeyValues
false
$keys
Remove-MsolServicePrincipalCredential -KeyIds $keys.KeyId -AppPrincipalId $clientId
In the same PowerShell window, execute the following PowerShell commands in order to generate a new client secret.
$bytes = New-Object Byte[]
32
$rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$rand.GetBytes($bytes)
$rand.Dispose()
$newClientSecret = [System.Convert]::ToBase64String($bytes)
$dtStart = [System.DateTime]::Now
$dtEnd = $dtStart.AddYears(
1
)
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric -Usage Sign -Value $newClientSecret -StartDate $dtStart -EndDate $dtEnd
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric -Usage Verify -Value $newClientSecret -StartDate $dtStart -EndDate $dtEnd
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Password -Usage Verify -Value $newClientSecret -StartDate $dtStart -EndDate $dtEnd
$newClientSecret
Copy the new client secret value and update it in the CardioLog Engage configuration screen in the "Add the CardioLog Tracking Code to your Sites" step and click Save.
Install the tracking code automatically using a PowerShell script
Select this option to add the tracking code to all selected site collections (in "Choose Sites to Integrate with" step) automatically using a PowerShell script.
Note: It is required to execute the PowerShell script every time you create new sites under the selected site collections in order to enable tracking for them.
- Click CardioLog Analytics Tracking Deployment package to download the deployment package from the "Add the CardioLog Tracking Code to your Sites" step in the Configuration page.
The package includes a PowerShell script that deploys the tracking agent wsp solution, modern sites integration app and the Java Script tracking code on all selected site collections. - Right click the downloaded package zip file, select Properties > General and click on "Unblock" before unzipping it.
- Execute the Run_Script.ps1 script in Windows PowerShell (do not use Windows PowerShell ISE version). Make sure to close all browser windows on your machine before executing the script.
Note: You must have the MS Online module installed and the credentials of the SharePoint Online global administrator.
Install the tracking code manually
Select this option to add the tracking code to specific sites manually.
- Click CardioLog Analytics Tracking solution to download the deployment package from the "Add the CardioLog Tracking Code to your Sites" step in the Configuration page.
- Right click the downloaded package zip file, select Properties > General and click on "Unblock" before unzipping it.
- Temporarily allow custom scripts during the installation in order to add the JavaScript tracking code and Tracking Agent application (sppkg for modern sites, wsp solution for classic sites) to your app catalog and all of the site collections you wish to monitor.
Execute the following commands in the SharePoint Online Management Shell (edit your SharePoint admin center and site collection URLs).Connect to SharePoint Online Admin Center with the SharePoint Online Global Administrator account:
Connect-SPOService -Url https:
//company-admin.sharepoint.com
Get the current value of the Custom Scripts setting DenyAddAndCustomizePages for each site collection you wish to monitor and for your App Catalog:
Get-SPOsite https:
//company.sharepoint.com | Select DenyAddAndCustomizePages
If the current value of DenyAddAndCustomizePages is Enabled, set it to Disabled:
Set-SPOsite https:
//company.sharepoint.com -DenyAddAndCustomizePages 0
- Disconnect from SharePoint Online:
Disconnect-SPOService
- Browse to your SharePoint Online site collection Solution Gallery. The gallery should be found at the following address (replace the site collection root URL https://company.sharepoint.com/sites/site with yours): https://company.sharepoint.com/sites/site/_catalogs/solutions/forms/allitems.aspx
- From your Solution Gallery, click Upload Solution > Choose File. Then select the CAI.wsp solution file which can be found in the deployment package and click Activate.
- If you are presented with a request for access, make sure you have temporarily allowed custom scripts for your site collection and app catalog.
Once the solution is installed, return to the CardioLog Engage configuration screen and click Copy script to copy the JavaScript tracking code.
Browse to CardioLog Analytics Integration solution configuration page. The page should be found at the following address (replace the site collection root URL https://company.sharepoint.com/sites/site with yours): https://company.sharepoint.com/sites/site/CardioLogAnalytics/Configuration.2.0.8.0.aspx
Paste the tracking code copied from the "Add the CardioLog Tracking Code to your Sites" step and click OK.
In order to track SharePoint Online modern sites and pages, install the Tracking Agent App:
Click CardioLog Analytics Tracking Agent App for modern sites to download the Tracking Agent App.
Upload the CardioLogTrackingAgentAddin.sppkg app to the SharePoint Admin apps > App Catalog > Apps for SharePoint > New.
Click Deploy (do NOT select "Make this Solution available to all sites in the organization")
Add the App to your site collection and to all of its subsites under Site Contents > New App
Click on Apps from your organization and click CardioLog Tracking Agent (it will be installed automatically)
After the installation is complete, revert the changes performed in step 3 (if any) and disable custom scripts.
Connect-SPOService -Url https:
//company-admin.sharepoint.com
Set-SPOsite https:
//company.sharepoint.com -DenyAddAndCustomizePages 1
Disconnect-SPOService
Inject the tracking code to all site pages yourself
Select this option to inject the tracking code manually to your site pages.
- Click Copy script to copy the JavaScript tracking code to the clipboard.
- Paste the tracking code into the <head> section of each site page you would like to track.
Advanced Settings
Host the tracking code on a private CDN
By default the tracking code resources are hosted on Microsoft Azure. Select this option if you would like to host the tracking code resources on a private CDN for increased security.
Note: It is required to perform this step before adding the tracking code to selected sites.
- Expand the Advanced Settings section in the "Add the CardioLog Tracking Code to your Sites" step.
- Switch on the Host the tracking code on a private CDN toggle.
- Enter the CDN Address and click Save.
- Click Download CDN resources Here to download the latest version of the tracking code resources and host them on your private CDN.
Step 4: Choose User Attribute that Contains User Phone Numbers
In order to use the Phone Call, Text Messages (SMS) and Mobile Notifications channels, select the user profile attribute that contains user phone numbers and click Save. This information will be taken from SharePoint user profiles.
CardioLog Engage Configuration Screen: Step 4
Step 5: Sign in to CardioLog Engage with your Power BI Account
In this step, connect to Power BI in order to gain access to the CardioLog Engage user interface and create campaigns, and to your CardioLog Engage reports in Power BI to analyze user responses to your campaigns.
Click Connect to Power BI and enter the Username and Password of a user with Power BI Pro or Power BI Premium Per User (PPU) license and click Save. This user will be the owner of the CardioLog Analytics app workspace in Power BI and will be able to share it with others in the organization.
CardioLog Engage Configuration Screen: Step 5Go to the Power BI interface.
Login with the credentials you entered in the "Sign in to CardioLog Engage with your Power BI" Account step.
Create a Power BI app workspace for the CardioLog Engage reports. Learn more about Power BI app workspaces.
Select Workspaces > Create a workspace
Enter the following details:
Name - CardioLog Analytics
Privacy - Private - Only approved members can see what's inside
Permissions - Members can edit Power BI contentAdd email addresses of people you want to have access to the workspace, and select Add. Note that you can't add group aliases, just individuals.
Decide whether each person is a member or an admin (admins can edit the workspace itself, including adding other members, members can edit the content in the workspace) and click Save.
CardioLog Engage reports will be available in your app workspace within a few business days. You will receive an email notification as soon as all the data has been processed and your reports are ready to use.
- When the reports are ready, share them with your colleagues:
- Sign in to Power BI with the credentials you entered in the "Connect to Power BI" step.
- Select Workspaces > CardioLog Analytics > select the Create app button in the upper right to start the process of sharing all the content in that workspace.
- First, on Setup tab, enter the following details:
App name - CardioLog Analytics
Description - Analytics for SharePoint and Office 365 - Next, on Navigation, you see the reports that's going to be published as part of the app and organize the navigation pane.
- Last, on Permissions, decide who has access to the app: either everyone in your organization, or specific people or email distribution lists and click Publish app.
Step 6: Connect to Microsoft Entra ID
In this step you can connect to your Microsoft Entra ID (Azure AD) in order to import user information from Microsoft Entra ID.
- Login to the configuration page with the credentials of a global admin account that has permissions to sign in to Microsoft Entra ID and read directory data (users' full profiles and groups).
- Click Connect to connect to your Microsoft Entra ID with the current logged on user.
CardioLog Engage Configuration Screen: Step 6 - Click Accept to approve the required permissions.
- Select all user attributes that you would like to filter and report on. This information will be taken from Microsoft Entra ID user attributes. If you have created custom user attributes you can also use them. It is recommended to select the following basic attributes - department, office, country, manager, title.CardioLog Engage Configuration Screen: Step 6
Using the search bar, enter the name of any attribute you would like to find and include.
Select the button next to each user property you would like to include in your usage reports.
Click Save to confirm your selection.
User attributes may be added or removed at any time to accommodate your needs.
Note: if you have already imported user information from SharePoint user profiles in step 2, there is no need to perform this step.
Step 7: Choose User Groups to Opt-out
In this step you can select which user groups you would like to opt-out of data collection.
The user group information will be taken from Azure Active Directory. It may take up to 24 hours for changes to take effect.
- Connect to Azure Active Directory with an account that is a global administrator in your Office 365 tenant. This account will be used in order to approve the required permissions for CardioLog Analytics SaaS to connect to Azure Active Directory.
- Click Accept to approve the required permissions.
- Select the user groups you would like to opt-out of data collection and click Save.
- Click Confirm to acknowledge that:
- Data for opted out users, including user profile information and usage data, will be:
- Permanently deleted
- No longer collected
- No longer available in reports
- Data for opted in users, including user profile information and usage data, will be collected and available in reports, however any data that was deleted/not collected during the time period they were opted out will not be recovered.
- Using this functionality may result in data discrepancies in some reports.
- Data for opted out users, including user profile information and usage data, will be:
Step 8: Assign Permissions to Power BI Reports
In this step you can select the users and groups you would like to grant report permissions to and select the specific sites that they should see reports for.
The user information will be taken from Azure Active Directory. It may take up to 24 hours for changes to take effect.
Connect to Azure Active Directory with an account that is a global administrator in your Office 365 tenant. This account will be used in order to approve the required permissions for CardioLog Analytics SaaS to connect to Azure Active Directory.
Click Accept to approve the required permissions.
Select the users and groups you would like to grant report permissions to. You can always go back and select additional users or groups or remove users or groups from your selection by clicking on -Remove user or group from list.
Using the Search for a user or group bar, enter the name of any user or group you would like to find and assign permissions to.
Note: Selected users should have a Power BI Pro or Premium per User (PPU) license assigned to them.
For each user or group, click Custom to select the specific sites the user or group is allowed to see reports for, or click Access to all sites to select all sites.
Click Save to confirm your selections.
Share the CardioLog Analytics SaaS reports in Power BI service with the selected users and groups.
Note: Permissions are applied using Power BI Row Level Security (RLS). RLS does not apply to users or groups who have edit permissions on the dataset.Add the 'Site Analyst' role in Power BI service to users and groups who have access to specific sites:
CardioLog Analytics SaaS Dataset > More options > Security > Select the 'Site Analyst' role > Add each user or group as a member.Add the 'Global Analyst (View All Sites)' role in Power BI service to users and groups who have access to all sites:
CardioLog Analytics SaaS Dataset > More options > Security > Select the 'Global Analyst (View All Sites)' role > Add each user or group as a member.
Note: Since roles are reset in Power BI on every version update, it is highly recommended to create user groups for managing users roles (one for site analysts and one for global analysts) so it would be easier to maintain.