jared/pre-repos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a4c69f32c0cbd49ef58d09bc25327a91f60a8ce
pre-repos/workday_monthly_admin_activities_audit/event_logs.txt
jared 5a4c69f32c discord
2026-02-03 15:10:50 -05:00

129 lines
53 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
=== Dennis Cregan ===
[EVT-0001] - On January6,2026 at 6:51AM EST, Workday administrator DennisCregan edited the account for user CaseySpelman. The edit set Caseys account expiration date to January6,2026 (the prior date was August7,2025). The transaction also configured a large number of notification settings for Casey. For each category listed such as Academic Advising, Accounting Center Job Process, Activity Comments, AdHoc Worker Communications, Add employee to Comp Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Comp/Stock/Merit review, Business Process General Notifications, Calculate and Assign ABC Classification, CheckIns, Consignment Usage Requisitions Notification, Create Inventory Waves, Customer Central, Drive Access Additions/Changes/Removals, E&G Committee Invitation, Evidence of Insurance, Extended Enterprise Campaigns, Financial Aid (Disbursements, General, Packages), General Notifications, Give Feedback, Goal Notes, Integrations, Interview Schedule Communications, Inventory (Average Daily Usage, Count Notification, Preferred Supplier Lead Time, Replenishment), Learning Campaigns/Expiration Periods, Manage Individual Benefit Rates, Marketplace Opportunity Promotion, Metric Review Notification, Onboarding Plan Notifications/Setup, Open Enrollment for Benefits, Par (Average Daily Usage, Lead Time, Recommended Reorder Point), Passive Enrollment Event, Prism Data Acquisition/Workbook Complete Notification, Remote Form I9 Authorized Representative Notification, Repository Document, Request for Quote Notifications, Review Supplier Synchronization Errors, Schedule Distribution (Request Time Off/Absence, Review Time Off), Scheduled Future Processes, Scheduled Live Report Completion, Scheduled Report Completion, Share Career Development Opportunity/Path Notification Category, Share notifications, Student Engagement Monitoring, Student Financials, Student Records, Student Recruiting (Marketing/Transactional), Supplier Contract Expiration/Renewals, Surveys, System Monitor Notifications, Talent Pool Notifications, Time Off, Upcoming Shift, Voluntary SelfIdentification of Disability, Workbook (Access Additions/Removals, Comments, Conversations, Import Failures/Successes, Live Data Scheduled Updates, Notify If Function Notifications, Tasks), Worker Communications, and the custom “~Gigs~” category Casey was set to receive both Email and Mobile Push notifications. The transaction also recorded a 30day grace period for login count, set the session timeout to 2 minutes, and marked the event as completed. All of these changes were applied in a single “Edit Workday Account” transaction executed by DennisCregan.
[EVT-0002] - On January6,2026 at 9:40AM EST, Workday administrator **Dennis Cregan** (user ID1000054) edited the record for student **Eva DNU SilvaEwan**. He changed her **Universal ID** from the old value **“1115670”** to a new, prefixed value **“DNU1115670.”** The change was made as part of an “Edit Universal Id” transaction and was recorded in the systems audit log. No other attributes were altered, and no attachments or deletions occurred during this transaction. The event was logged under event IDEVT0002 and involved nine rows of data being processed.
[EVT-0003] - On January7,2026 at 7:43AM EST a Workday background job called **“Student Prospect Update Event (Default Definition)”** was started. The job ran a batch that matched student records and updated the prospect record for **FolusoAdeluola**. During this process, an administrator named **DennisCregan (user ID1000054)** performed the action “Edit Other IDs” on Folusos record. The edit added a new identifier value **“0306632”** (and associated values “495870520” and “647589765”) to the students list of identifiers. The change also updated the **Academic Record Locked** flag from “Y” to “Y” (no change in that field) and set the **Event Record Moment** to 2026010704:43:36.3770800. The job logged the addition of these identifiers and marked the event as “Successfully Completed.” No other user or admin performed any changes to this record during that transaction. The audit shows the entire batch process, including initiation, approval by an integration administrator, and completion of the student prospect update.
[EVT-0004] - On January7,2026 at 07:44AM EST, Workdays integration administrator (user ID1000054, DennisCregan) launched a background batch job called **“Student Prospect Update Event (Default Definition)”**. The job ran the second step of that workflow, which is a batch/job process named **“Match Students.”** During the job, Workday created a new custom identifier for the student prospect **KyraDinkins**. The identifier value was **0311503**, and it was added to Kyras record as a new “Other ID” (the field is called **“Edit Other IDs”).** The identifier was also linked to the existing identifiers **985663412** and **994089969**, so Kyra now has three IDs in her record. The job updated several attributes of Kyras prospect record, including the creation date (set to 2026010700:00:00) and the event record moment (set to 2026010704:44:05). The event was marked as “Y” for the **Last Updated for Find Duplicate Persons Job** flag, indicating that the system had processed her record in a duplicatesearch routine. No attachments were added or removed. The only removal noted was the old string “0311503985663412994089969” from a prior field value, which was replaced by the new single identifier “0311503.” The transaction was logged under the event ID **EVT0004** and involved 86 rows of audit data.
[EVT-0005] - On January7,2026 at 8:08AM EST, Workday administrator DennisCregan edited the Universal ID for employee SarahLittle. The change updated her Student Universal ID from **1117191** to **1117192** and recorded the entry moment as “20260107050842607 0800.” The edit was performed as part of the “Edit Universal Id” transaction and applied to SarahLittles record (Gallaudet University ASL Connect General). The audit log shows the new value, the prior value, and that the XML file contents were excluded from the audit. No attachments were added or removed during this transaction.
[EVT-0006] - On January7,2026 at 8:09AM Eastern Standard Time, Workday administrator **Dennis Cregan** (user ID1000054) edited the student record for **SarahLittle**. The edit changed Sarahs **Student ID** from **1117191** to **1117192** and updated the records “Entry Moment” timestamp to reflect the change. The action was performed as part of an **Edit Student ID** transaction and was logged under eventEVT0006. No other fields were added or removed, and no attachments were involved. The change was recorded in the “Student Financials Period Record Student ID (Denormalized)” field.
[EVT-0007] - On January7,2026 at 8:09AM EST, Workday administrator DennisCregan edited the account for user SarahLittle. During that transaction, he added a large number of notification categories to Sarahs User Notification Settings essentially enabling almost every available email and mobilepush alert that Workday can send. The changes were applied to Sarahs account (ID1117192, previously 1117191) and included categories such as Academic Advising, Accounting Center Job Process, Activity Comments, Ad Hoc Worker Communications, Add employee to Comp Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Comp/Stock reviews, Business Process General Notifications, CheckIns, Consignment Usage Requisitions Notification, Create Inventory Waves, Customer Central, Drive Access Additions/Changes/Removals, E&G Committee Invitation, Evidence of Insurance, Extended Enterprise Campaigns, Financial Aid (Disbursements/General/Packages), General Notifications, Give Feedback, Goal Notes, Integrations, Interview Schedule Communications, Inventory metrics (Average Daily Usage, Count Notification, Preferred Supplier Lead Time, Replenishment), Learning Campaigns and Expiration Periods, Manage Individual Benefit Rates, Marketplace Opportunity Promotion, Metric Review Notification, Onboarding Plan Notifications and Setup, Open Enrollment for Benefits, Par metrics (Average Daily Usage, Lead Time, Recommended Reorder Point), Passive Enrollment Event, Prism Data Acquisition and Wbucket Complete notifications, Remote Form I9 Authorized Representative notifications, Repository Document, Request for Quote Notifications, Review Supplier Synchronization Errors, Scheduled Future Processes, Schedule Distribution (Request Time Off/Review Time Off), Scheduled Live Report Completion, Scheduled Report Completion, Share Career Development Opportunity and Path notifications, Share notifications, Student Engagement Monitoring, Student Financials, Student Records, Student Recruiting (Marketing/Transactional), Supplier Contract Expiration/Renewals, Surveys, System Monitor Notifications, Talent Pool Notifications, Time Off, Upcoming Shift, Voluntary SelfIdentification of Disability, Workbook Access Additions/Removals, Workbook Comments/Conversations, Workbook Import Failures/Successes, Workbook Live Data Scheduled Updates, Workbook Notify If Function Notifications, Workbook Tasks, Worker Communications, and the custom “~Gigs~” category. All of these were configured to send both email and mobilepush alerts (where applicable). The transaction was completed successfully, with no removals or attachments added.
[EVT-0008] - On January7,2026 at 1:03PM EST (10:03AM PST), Dennis Cregan edited the security segment for an integration system in Workday. He added a new “Edit Integration System Security Segment” task and associated it with the integration system named **ISSS Financial Aid Integrations**. Within that segment, he added two outbound package integrations: **SINT100 Slate Financial Aid Packages Outbound** and **SINT100b Slate Financial Aid Packages FSFSA Outbound**. The audit record shows the new entry time and notes that XML file contents were excluded from the log. No other changes, deletions, or attachments were recorded. The event was logged under event ID EVT0008 and involved five rows of data.
[EVT-0009] - On January8,2026 at 3:25PM EST, Workday administrator DennisCregan created a new Universal Identifier for employee PhillipHight. The identifier value was **1117202** and the entry moment recorded was 2026010812:25:07.8580800 (the time zone offset). The action added the “Create Universal Id” transaction to PhillipHights record, linking the new Universal Identifier to his person profile. No values were removed or changed; this was a straightforward creation of the new ID for PhillipHight. The event is logged as EVT0009 and involved seven audit rows.
[EVT-0010] - On January8,2026 at 3:26PM EST, Workday administrator DennisCregan edited the account for user PhillipHight. During that transaction, he enabled a large number of notification categories for Phillips user profile. The changes added email and mobilepush notifications for every listed event type—such as Academic Advising, Accounting Center Job Process, Activity Comments, Ad Hoc Worker Communications, Add employee to Comp Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Comp/Stock reviews, Business Process General Notifications, CheckIns, Consignment Usage Requisitions, Create Inventory Waves, Customer Central, Drive Access changes, E&G Committee Invitations, Evidence of Insurance, Extended Enterprise Campaigns, various Financial Aid notifications, General Notifications, Give Feedback, Goal Notes, Integrations, Interview Schedule Communications, Inventory usage and replenishment alerts, Learning Campaigns, Management of Benefit Rates, Marketplace Opportunity Promotion, Metric Review Notifications, Onboarding Plan and Setup alerts, Open Enrollment for Benefits, Par usage alerts, Passive Enrollment Events, Prism Data Acquisition, Remote Form I9 notifications, Repository Document updates, Request for Quote alerts, Supplier Synchronization errors, Schedule Distribution for time off requests and reviews, Scheduled Future Processes, Report completions, Share Career Development opportunities, Student Engagement Monitoring, Student Financials and Records, Student Recruiting notifications, Supplier Contract expirations/renewals, Surveys, System Monitor alerts, Talent Pool notifications, Time Off and Upcoming Shift alerts, Voluntary SelfIdentification of Disability, Workbook access changes, comments, conversations, import failures/successes, live data updates, and many other categories. All of these were configured to send both email and mobilepush notifications (where applicable). The transaction was completed successfully, with the new settings applied to PhillipHights user notification profile.
[EVT-0011] - On January8,2026 at 3:26PM EST, Workday administrator **Dennis Cregan** (user ID1000054) edited the student record for **Phillip Hight**. The change was made in the “Edit Student ID” transaction and replaced Phillips temporary student identifier **TEMP_STUDENT_0002670** with the new permanent ID **1117202**. The edit was recorded as part of Phillip Hights application for a Visiting Consortium Student Nondegree status for the Fall2026, Spring2026 and Summer2026 terms. The audit log shows the new ID value, the timestamp of the change, and that no attachments were added or removed. The event was logged under event IDEVT0011 with eight rows of detail captured in the audit.
[EVT-0012] - On January8,2026 at 3:47PM EST (15:47UTC08:00), Workday administrator Dennis Cregan performed an editpermissions transaction. He removed the “SelfService: Dining Dollar (diningDollar_wspzsl)” permission and the “Student as Self” role from a user, along with the associated viewonly access for that selfservice. At the same time he added the “Edit Permissions” capability and regranted the “SelfService: Dining Dollar (diningDollar_wspzsl)” permission to that user. The change was logged under event IDEVT0012 and involved seven rows of security policy relationships. The audit record shows the new permission timestamp (2026010812:47:01.568-0800) and notes that the XML file contents were excluded from the audit.
[EVT-0013] - On January8,2026 at 3:48PM (EST) user **Dennis Cregan** approved a pending security policy change for the “SelfService: Dining Dollar (diningDollar_wspzsl)” domain. The approval added a new entry timestamp of 12:47PM and an evaluation timestamp of 12:48PM (both in the 0800 time zone). The change removed the “Student as Self” security group from that domain, temporarily revoking access to the Dining Dollar application until a new version is promoted to production (change reference CHG0037158). The action was recorded under the transaction “Activate Pending Security Policy Changes” and marked as approved. No other users or groups were affected by this specific change.
[EVT-0014] - On January8,2026 at 4:00PM EST (16:00:58.749 UTC), Workday administrator Dennis Cregan (user ID1000054) executed a transaction to activate pending security policy changes. During that transaction, the system removed the “Student as Self” security group from the SelfService: Dining Dollar application (security domaindiningDollar_wspzsl). This action was taken to revoke the groups access to the app until a new version is promoted to production (change requestCHG0037158). The removal was recorded as part of the “Activate Pending Security Policy Changes” task, and the event is logged under EVT0014. No other changes or attachments were recorded in this audit entry.
[EVT-0015] - On January9,2026 at 12:48PM (EST) the Workday system recorded that administrator **Dennis Cregan** created a new *Universal ID* for the student **Jr.Kang** (applying to Gallaudet University as an Undeclared major). The new Universal ID value was **1117211**. This action added the identifier to Jr.Kangs person record and linked it to the students application for the Fall2026, Spring20272029 and Summer20262028 terms. No attributes were removed, and the transaction was logged as “Create Universal Id” with event IDEVT0015. The change affected 28 rows in the audit log, reflecting the various term and status fields updated for the new identifier.
[EVT-0016] - On January9,2026 at 12:49PM (EST) the Workday administrator **Dennis Cregan** edited the account of user **Jr.Kang** (user ID 1117211). During that single “Edit Workday Account” transaction, Dennis added a large set of notification preferences for Jr.Kang. The changes enabled email and, in many cases, mobilepush notifications for dozens of Workday business processes and events—such as Academic Advising, Accounting Center Job Process, Activity Comments, Ad Hoc Worker Communications, Add employee to Comp Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Comp/Stock reviews, Business Process General notifications, CheckIns, Inventory alerts, Learning Campaigns, Onboarding events, Open Enrollment for Benefits, Par usage alerts, Passive Enrollment Events, Prism data acquisition, Remote Form I9 authorizations, Repository Documents, Request for Quote notifications, Scheduled Reports, Share Career Development opportunities, Student Financials and Records, Supplier Contract expirations/renewals, Surveys, System Monitor alerts, Talent Pool notifications, Time Off, Upcoming Shift, Voluntary SelfIdentification of Disability, Workbook events, and many others. All of these notification categories were configured to send email; for most of them, mobilepush notifications were also enabled. No preferences were removed or changed to a different setting—only new notification channels were added for Jr.Kangs account. The transaction was completed successfully at 12:49:22.581PM EST.
[EVT-0017] - On January9,2026 at 12:49PM Eastern Standard Time, Workday administrator Dennis Cregan (user ID1000054) edited the Student ID for a student record. The original temporary ID “TEMP_STUDENT_0002621” was replaced with the new permanent ID “1117211”. The change was made as part of an “Edit Student ID” transaction that affected 56 rows in the system. The update was recorded under eventEVT0017 and applied to the student “Jr. Kang” (who is applying for an undeclared major at Gallaudet University). No attachments were added or removed, and the XML file contents were excluded from the audit log.
[EVT-0018] - On January16,2026 at 5:40AM EST, Workday administrator DennisCregan edited the account for user DaleShepard. The edit changed Dales personal preferences and, most notably, added a large number of notification categories to his User Notification Settings. The changes enabled Dale to receive email and mobilepush alerts for dozens of business processes, including academic advising, accounting job processing, activity comments, hiring communications, benefits notifications, birthdays, performance reviews, inventory updates, learning campaigns, onboarding events, timeoff requests, and many other system alerts. The transaction was completed successfully, with the new settings taking effect immediately for DaleShepards account.
[EVT-0019] - On January17,2026 at 6:18AM Eastern Standard Time, Workday administrator Dennis Cregan (user ID1000054) added a new selfservice permission set called “Dining Dollar (diningDollar_wspzsl)” to the security role “Student as Self.” The change created a viewonly access level for that permission set, allowing students to see the Dining Dollar feature but not modify it. The audit records show that the permission was added as part of an “Edit Permissions” transaction, and the new entry time stamp was recorded in Pacific Time (2026011703:18:58.064-0800). No previous values were replaced, and no items were removed. The event was logged under event IDEVT0019 with seven related relationship entries describing how the new permission grants access to various security policies and groups.
[EVT-0020] - On January17,2026 at 6:19AM EST (Pacific time 3:19AM), Workday administrator Dennis Cregan added a new security group called **“ISSG Dining Dollar Extend.”** He also granted this group the following permissions: * Access to the **“Reports: Student Financial Account”** report. * A “View Only” permission for that report, meaning members can only read the data. These permissions were applied through a **Maintain Permissions for Security Group** transaction, which updated the domain security policy to grant the new group access to the report and its viewonly rights. No permissions were removed, and no attachments were added. The event is recorded as EVT0020 with seven related changes logged.
[EVT-0021] - On January17,2026 at 06:21AM EST, Workday administrator DennisCregan activated pending security policy changes for the Gallaudet tenant. The activation added two new viewonly permissions: 1. The “ISSG Dining Dollar Extend” security group was granted viewonly access to the **Reports: Student Financial Account** domain. 2. The “Student as Self” role was granted viewonly access to the **SelfService: Dining Dollar (diningDollar_wspzsl)** domain. These changes were recorded in the audit log with comment codeCHG0037161. The activation timestamp was 2026011703:20:09-0800, and the entry moment was 2026011703:21:51-0800. The log shows the transaction “Activate Pending Security Policy Changes” was processed, and the security timestamps for tenant setup were updated accordingly. No other attributes or relationships were modified.
[EVT-0022] - On January17,2026 at 6:45AM EST, Workday administrator DennisCregan edited the account for user KelbyBrick. During that transaction, he added a large number of notification categories to Kelbys user notification settings—over 200 different event types such as “Academic Advising,” “Benefits Notifications,” “Birthdays,” “Time Off,” and many others. Each of these categories was configured to send notifications via Email, and for most of them also via Mobile Push Notification. The change was recorded as a single “Edit Workday Account” transaction that completed successfully at 6:45AM. No notifications were removed; only new notification settings were added to Kelbys account.
[EVT-0023] - On January17,2026 at 6:56AM Eastern Standard Time, Workday administrator Dennis Cregan (user ID1000054) edited the Universal ID for student Gabrielle Vidmar. The change replaced her previous Student Universal ID “1117251” with the new value “1117249”. The edit was performed as part of an “Edit Universal Id” transaction and updated the students record in several related tables (Academic Record, Program of Study indexes, etc.). No other attributes were modified and no attachments or removals occurred. The event was logged under IDEVT0023 with 14 rows affected.
[EVT-0024] - On January17,2026 at 6:57AM EST, Workday administrator Dennis Cregan (user ID1000054) edited the Student ID for Gabrielle Vidmar. The change replaced the old Student ID1117251 with a new value of1117249. The edit was recorded as the “Edit Student ID” transaction and applied to Gabrielle Vidmars Fall2026, Spring2026, Summer2026 and other related enrollment records. The audit shows the entry moment timestamp (2026011703:57:28-0800) and notes that the XML file contents were excluded from the audit. No other attributes or attachments were added or removed, and the event is logged under event IDEVT0024.
[EVT-0025] - On January17,2026 at 6:58AM EST, Workday administrator DennisCregan edited the account for user GabrielleVidmar. In that transaction he added a large set of notification categories to her User Notification Settings, enabling Gabrielle to receive email and mobilepush alerts for a wide range of business processes (e.g., Academic Advising, Benefits Notifications, TimeOff requests, Inventory updates, Student records, etc.). The change was recorded as a single “Edit Workday Account” transaction that completed successfully.
[EVT-0026] - On January21,2026 at 12:18PM (EST) the system recorded that a background process was launched to update student prospect records. The event, called “Student Prospect Update Event (Default Definition)”, ran a batch job named “Match Students” to reconcile student identifiers. The change was made by Workday Integration Administrator DennisCregan (user ID1000054). He edited the “Other IDs” for a student prospect named **Jaycob Sink**. The edit added a new custom identifier reference (CUSTOM_IDENTIFIER_REFERENCE321093) and updated the creation date to20260121. The prior creation date was 2026012018:01:34. The process also marked the student prospect as “In Progress” and later “Successfully Completed”. No attachments were added, and no records were removed except the temporary reconciliation flag. In short: DennisCregan triggered an automated batch job that updated Jaycob Sinks student prospect record, adding a new identifier and marking the update as completed.
[EVT-0027] - On January23,2026 at 8:25AM EST, Workday administrator DennisCregan edited the account for employee EmilyWolski. During that transaction he added a large number of notification categories to her usernotification settings, enabling Emily to receive email and mobile push alerts for events such as academic advising, benefits updates, timeoff requests, onboarding activities, inventory notifications, student records, and many other business process events. The changes were applied to Emilys account as part of the “Edit Workday Account” transaction, which was completed successfully.
[EVT-0028] - On January23,2026 at 10:59AM Eastern Standard Time, Workday administrator Dennis Cregan created a new security group called **“Gallaudet and Clerc HR UBSG.”** The group was assigned the internal ID **USERBASED_SECURITY_GROUP3237** and its creation timestamp was recorded as 2026012307:59:56.5710800 (UTC8). No prior values existed because this was a new object. The event, identified as EVT0028, logged the creation transaction and noted that the users language preference was English (United States). No attributes were removed or changed, and no attachments were added. The action was performed by Dennis Cregan (user ID1000054) as a Workday admin.
[EVT-0029] - On January23,2026 at 11:02AM EST, Workday administrator Dennis Cregan edited the “Gallaudet and Clerc HR UBSG” userbased security group. He added a comment to the group that reads: “This security group will be used by intersection security groups to exclude Gallaudet and Clerc HR employees when they have specific role(s), such as Manager or UI.” The change was recorded in the audit log with event IDEVT0029. No users were added or removed from the group; only the comment field was updated. The transaction was processed as an “Edit UserBased Security Group” action, and the new comment value was stored in the system.
[EVT-0030] - On January23,2026 at 11:04AM (EST) an administrator named DennisCregan added seven users to the “Gallaudet and Clerc HR UBSG” userbased security group. The users added were: - AnthonyBalogh - BeckyWhittington - ChristinaShenAustin (appears as “Christina Shen” in the applied list) - RachelParker - YunheBai - OloladeOlasanoye - KellyFournier - StephanieBettencourt The action was recorded as an “Assign Users to UserBased Security Group” transaction, with the event type “UserBased Group Change.” The change took effect immediately (effective date 2026012300:00:00 -0800) and was logged in the systems audit trail. No users were removed, and no attachments were added. The event ID for this change was EVT0030.
[EVT-0031] - On January23,2026 at 11:04AM Eastern Standard Time, user **Dennis Cregan** (employee ID1000054) created a new security group in Workday. The group was named **“NonHR Manager ISG”** and received the internal ID **INTERSECTION_SECURITY_GROUP-3-21**. The creation event recorded the entry moment as 2026012308:04:33.2190800 (Pacific Time). No prior values existed because this was a new object, and the XML definition of the group was not included in the audit log. The action was logged under event IDEVT0031 and involved adding the group to the system with English (United States) as the user language. No relationships were removed or modified; only the new group was added.
[EVT-0032] - On January23,2026 at 11:05AM EST (08:05AM PST), Dennis Cregan edited an intersection security group in Workday. He created a new intersection called “Gallaudet and Clerc HR UBSG” that excludes employees who have the Manager role from the “NonHR Manager ISG” security group. The change added a comment describing the purpose of the intersection and recorded the timestamp in UTC8 format. No other attributes were changed, and no items were removed. The event was logged under EVT0032.
[EVT-0033] - On January23,2026 at 11:05:58AM Eastern Standard Time, a Workday administrator named Dennis Cregan (user ID1000054) created a new security group called **“NonHR Unit Initiator ISG.”** The group was given the internal ID **INTERSECTION_SECURITY_GROUP322** and its creation timestamp was recorded as2026012308:05:58.2260800 (Pacific Time). The action was logged under event IDEVT0033, and the users language setting for the transaction was English (United States). No prior values existed because this was a new object, and no items were removed or attached during the transaction.
[EVT-0034] - On January23,2026 at 11:06AM Eastern Standard Time, Workday administrator Dennis Cregan (user ID1000054) edited an intersection security group. He added the “Gallaudet and Clerc HR UBSG” security group, the “NonHR Unit Initiator ISG” security group, and the role “Unit Initiator” to this intersection. The change was recorded as a new comment: “This intersection security group is used to exclude all Gallaudet and HR employees with the Unit Initiator role.” The edit also updated the groups XML definition (the file contents were excluded from audit). No items were removed. The transaction was logged under event IDEVT0034 and involved six related relationship changes that set the security group to exclude the specified tenanted groups.
[EVT-0035] - On January26,2026 at 6:35AM Eastern Standard Time, Workday administrator Dennis Cregan (user ID1000054) edited the Universal ID for employee Andrew Greenman. The change replaced Andrews previous Universal ID of1117188 with a new value of1108237. The audit log records the transaction as “Edit Universal Id” and shows that the entry moment was recorded as2026012603:35:36.4320800 (Pacific Time). No attachments were added or removed, and the change was processed as part of a standard transaction. The event is identified by EVT0035 and involves three attributes: Entry Moment, Universal ID, and XML (file contents excluded from the audit).
[EVT-0036] - On January26,2026 at 6:36AM EST, Workday administrator DennisCregan edited the account for user AndrewGreenman. During that transaction, he added a large number of notification categories to Andrews user profile—over 500 individual settings. These include email and mobilepush notifications for events such as Academic Advising, Accounting Center Job Process, Activity Comments, AdHoc Worker Communications, Add Employee to Compensation Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Compensation reviews, Business Process General notifications, CheckIns, Consignment Usage Requisitions, Create Inventory Waves, Customer Central, Drive Access changes, E&G Committee invitations, Evidence of Insurance, Extended Enterprise Campaigns, various Financial Aid notifications, General Notifications, Give Feedback, Goal Notes, Integrations, Interview Schedule Communications, Inventory usage and replenishment alerts, Learning Campaigns, Management of Individual Benefit Rates, Marketplace Opportunity Promotion, Metric Review notifications, Onboarding Plan and Setup alerts, Open Enrollment for Benefits, Par usage alerts, Passive Enrollment events, Prism data acquisition, Remote Form I9 notifications, Repository Document updates, Request for Quote alerts, Supplier synchronization errors, Schedule Distribution (timeoff requests and reviews), Scheduled Future Processes, Report completions, Share Career Development/Path notifications, Student Engagement Monitoring, Student Financials and Records, Student Recruiting communications, Supplier Contract expirations/renewals, Surveys, System Monitor notifications, Talent Pool alerts, Time Off and Upcoming Shift alerts, Voluntary SelfIdentification of Disability, Workbook access changes, comments, conversations, imports, live data updates, and worker communications. All of these were configured to send either email or mobilepush notifications (or both) to AndrewGreenman. The transaction was completed successfully at 6:36AM EST.
[EVT-0037] - On January28,2026 at 10:15AM (EST) DennisCregan started a background process called **“Student Prospect Update Event (Default Definition)”** for the student prospect **MarkKillian**. The process was launched as part of the **“Edit Other IDs”** workflow, which is used to add or change identifiers for a student. During the run: * A new **Custom Identifier Reference** (ID321213) was created and linked to MarkKillians record. * The system added the identifier value **681374436** to MarkKillians profile. * The workflow moved through its standard steps: initiation, approval by an Integration Administrator, and a batch job that performs the **“Match Students”** operation. * The match job ran on January30,2026 and marked the record as **“Unmatched”** (no existing student matched). * The event logged that the record was **“Successfully Completed”** and the transaction was marked **“In Progress”** during processing. The audit shows that DennisCregan performed the action, and the changes were applied to MarkKillians student prospect record. No attachments were added or removed, and the only removal noted was a previous identifier reference that was replaced by the new one. The entire transaction involved 69 rows of data changes, all captured in the Workday audit log.
[EVT-0038] - On January28,2026 at 2:06PM EST, Workday administrator DennisCregan edited the account for user StephanieBaran. The edit updated her account expiration date from January11,2024 to January28,2026 and set a new “Grace Period Login Count” of 30 days. In addition, Dennis configured Stephanies notification settings to receive email and mobilepush alerts for a wide range of Workday events—everything from academic advising, benefits notifications, and timeoff requests to inventory updates, student records, surveys, and system monitor alerts. All of these notification categories were added to Stephanies user profile during the same transaction, which was logged as eventEVT0038.
=== Joseph DeSiervi ===
[EVT-0040] - On January8,2026 at 3:46PM Eastern Standard Time, JosephDeSiervi (user ID1003153) performed an administrative action in Workday. He edited a Business Process Security Policy and added the “Approve” permission to that policy for the role “ProcurementDataEntrySpecialist.” The change was recorded as eventEVT0040. The new entry time for the policy was set to 12:46PM Pacific Time (2026010812:46:39.163-0800). The XML file contents of the policy were excluded from the audit log, so only the timestamp and the fact that the “Approve” permission was added are visible. No other attributes were changed or removed, and no attachments were added. The action was completed by JosephDeSiervi as an administrator.
[EVT-0041] - On January8,2026 at 3:48PM (EST) JosephDeSiervi performed an administrative action in Workday. He activated a pending securitypolicy change that added the “Procurement Data Entry Specialist” role the ability to approve any purchaseorder change orders (the change is referenced as INC0164817/CHG0037156). The activation was logged under the task “Activate Pending Security Policy Changes” and applied to the tenant named “gallaudet.” The event was recorded as EVT0041. No other attributes were changed, and no attachments or additional relationships were added beyond the securitypolicy activation.
=== Julie Longson ===
[EVT-0057] - On January6,2026 at 4:11p.m. (UTC8) Julie Longson, a Workday administrator, ran an **AssignRoles** workflow. The workflow added several new role assignments for a group of 21 users, including: * **Shelby Bean** given the “Financial Aid Counselor” role and additional access to unofficial student transcripts, a financialaid specialist role, and two levels of studentassistant roles. * **JohnDavis** assigned the “Director, Outreach” role effective January6,2026. * Other staff such as Amanda Jackson, Dylan Westbury, Na Zhuo, Sydney Padgett, Robert Sanchez, Patrick Rolfe, Keith Grant, Zeshan Shafiq, Gemma Gabor, Caroline Pezzarossi, Lindsay Buchko, Caroline Finklea Vizzuto, Michael Tota, Khadijat Rashid, Emelia Beldon, Mercedes Olson, Corey Burton, Shanna Cooley, and Vicki Cheeseman received the same set of roles that Shelby Bean was granted. The event completed automatically with no manual intervention required after the workflow started. No roles were removed; all changes were additions to the users existing role sets. The transaction was logged under event ID **EVT0057** and recorded as an “AssignRoles Add/Remove” action.
[EVT-0058] - JulieLongson, an administrator at Gallaudet University, performed a roleassignment action on January6,2026. She added the “Financial Aid Specialist (View Only) Gallaudet University” role to employee JohnDavis, making the assignment effective on that same day. The event was recorded as an “AssignRoles” transaction, completed automatically at 13:12:23EST. The audit shows the role was added to JohnDaviss profile, with no roles removed or changed. The action was logged under event IDEVT0058 and captured in the Workday audit trail.
[EVT-0059] - On January6,2026 at 4:15PM EST, Julie Longson (user ID1004645) added JohnDavis to the “Financial Aid Specialist UBSG U” userbased security group. The action was performed through the “Assign Users to UserBased Security Group” transaction, which created a new group membership event. The change took effect immediately (effective date 1:15PM) and was logged as event IDEVT0059. No users were removed, and no attachments were added. The audit shows the new membership was recorded in the systems security group tables and logged for compliance purposes.
=== Kristinn Bjarnason ===
[EVT-0042] - On January7,2026 at 12:03PM EST (09:03AM PST), Kristinn Bjarnason, a Security Administrator, created a new assignable role called “Manage Course Offerings.” The role was given the internal IDASSIGNABLE_ROLE3517 and was added to the Academic Unit hierarchy. The role is administered by a Tenanted Security Group, restricted by Role Usage metadata, and the transaction was processed for task behavior. The roles base language is set to English (United States). No prior value existed, and no items were removed. The event was logged as EVT0042 with eight attributes recorded.
[EVT-0043] - On January7,2026 at 12:04PM Eastern Standard Time, Kristinn Bjarnason created a new security group in Workday. The group was named “Manage Course Offerings RBSGC” and received the internal IDROLEBASED_SECURITY_GROUP__CONSTRAINED_-3-452. The creation event recorded the entry moment (2026010709:04:30.3060800) and the groups name, ID, and XML definition (the XML file contents were not included in the audit). No prior values existed because this was a new object. The action was logged under event IDEVT0043 and involved the “Create Security Group” transaction. No relationships were removed or added beyond the standard processing instance and language settings.
[EVT-0044] - On January7,2026 at 12:04PM (EST) KristinnBjarnason added a new rolebased security group called **“Manage Course Offerings RBSGC”** to the Workday instance. The action was performed through the **“Edit RoleBased Security Group (Constrained)”** task. The group was created with the setting **“Applies To Current Organization And Unassigned Subordinates”** and its XML definition was excluded from the audit log. The new group is now part of the **“Manage Course Offerings”** security framework and will define membership for the rolebased group “RBSGC.” No other changes were made.
[EVT-0045] - On January7,2026 at 12:05PM EST (09:05AM PST), KristinnBjarnason edited the security settings for a Workday domain. He added new permissions that allow the “Manage Course Offerings RBSGC” and “Manage: Mass Course Offerings” roles to view and modify course offerings. These changes granted the corresponding security groups access to the domain and its policies, and updated the transaction logs for the task behavior. No items were removed or attached; the action was recorded under event IDEVT0045.
[EVT-0046] - On January7,2026 at 12:06PM (EST) a Workday administrator named KristinnBjarnason performed an action that activated pending security policy changes. The change created a new security group called **“Manage Course Offerings RBSGC”** and granted it permission to view and modify the **“Manage: Mass Course Offerings”** domain. This update was logged as eventEVT0046 and included a comment that the group was created for the purpose of managing course offerings (incident INC0165358/CHG0037144). The action removed an earlier entry dated December19,2025 at 7:36AM that had referenced the same “gallaudet” tenant, effectively replacing it with the new security group. No additional attributes or attachments were added beyond this policy activation.
[EVT-0047] - On January7,2026 at 9:09AM (Eastern Time), Workday administrator **KristinnBjarnason** processed a request from **ErickaBrown** to give **BethGibbons** the “Manage Course Offerings” role for two academic units: 1. **Continuing Education Academic Unit** (P000506 Associate Dean, Graduate Education) 2. **Dean of Faculty Academic Unit / Graduate** (P000506 Associate Dean, Graduate Education) The role assignment was set to take effect on January7,2026. The transaction was recorded as an “Assign Roles Add/Remove” event (EVT0047) and was automatically completed. No roles were removed, and the change was logged for both BethGibbons (the role recipient) and ErickaBrown (the requester).
[EVT-0048] - On January6, 2026 at 9:00PM a Workday “RoleBased Group Change Event Lite” was created. This event prepared the assignment of a new role for an associate dean. On January7, 2026 at 12:00AM (Eastern Time) the role “P000506 Associate Dean, Graduate Education Beth Gibbons (+1)” was added to the “Manage Course Offerings” security group for both the Continuing Education Academic Unit and the Dean of Faculty Academic Unit / Graduate. This change was part of a broader roleassignment workflow that had been triggered earlier. At 9:10AM on the same day, KristinnBjarnason (user ID1003966) executed an “Assign Roles Add/Remove” transaction. He added the role of **Assistant Dean, Graduate Education (P007153)** to MaryPerrodinSingh. The assignment was made effective on January7, 2026, and the action was performed at 9:10:29.967AM. The request came from ErickaBrown (incident INC0165358/CHG0037144), and the change was automatically completed by the system. In summary, KristinnBjarnason added MaryPerrodinSingh to the Assistant Dean role for Graduate Education, effective January7, 2026, following a request from ErickaBrown. The change was part of an automated workflow that also updated related security groups earlier on January6 and 7.
[EVT-0049] - On January12,2026 at 8:50AM (Workday system time), administrator **Kristinn Bjarnason** performed a roleassignment update. He added the security group or role **INC0165902** back into the system and then assigned the user **MarlenaDemmon** to the position of **Residence Education Coordinator (P007401)** effective that same day. The change was recorded as part of the “AssignRoles Add/Remove” transaction and completed automatically. No roles were removed, only the new assignment was added. The event is logged under IDEVT0049 and shows that the action took place in the Gallaudet University tenant.
[EVT-0050] - On January12,2026 at 11:42AM (local time), Workday administrator **KristinnBjarnason** processed a request from **BethGibbon** (INC0165359) to give **MaryPerrodinSingh** the role of *Assistant Dean Graduate Education*. The assignment was created in the system with an effective date of **January12,2026**. The event was logged as “Assign Roles Add/Remove” and recorded under the workflow definition for role assignment. No roles were removed or changed for any other user in this transaction. The action was completed automatically and the event record shows it finished successfully on the same day.
[EVT-0051] - On January14,2026 at 12:16PM EST, Workday administrator **Kristinn Bjarnason** performed an “Edit Workday Account” transaction for user **VeronicaTovarCervantes**. During that transaction, Kristinn added a large set of notification categories to Veronicas usernotification settings. The categories include, but are not limited to: Academic Advising, Accounting Center Job Process, Activity Comments, Ad Hoc Worker Communications, Add Employee to Comp Process, Admissions, Anniversaries, Background Error Notifications, Benefits Notifications, Birthdays, Bonus/Comp/Stock/Merit review, Business Process General Notifications, CheckIns, Consignment Usage Requisitions Notification, Create Inventory Waves, Customer Central, Drive Access Additions/Changes/Removals, E&G Committee Invitation, Evidence of Insurance, Extended Enterprise Campaigns, Financial Aid Disbursements/General/Packages, General Notifications, Give Feedback, Goal Notes, Integrations, Interview Schedule Communications, Inventory Average Daily Usage/Count Notification/Preferred Supplier Lead Time/Replenishment, Learning Campaigns/Expiration Periods, Manage Individual Benefit Rates, Marketplace Opportunity Promotion, Metric Review Notification, Onboarding Plan Notifications/Setup, Open Enrollment for Benefits, Par Average Daily Usage/Lead Time/Recommended Reorder Point, Passive Enrollment Event, Prism Data Acquisition Notification/Wbucket Complete Notification, Remote Form I9 Authorized Representative Notification, Repository Document, Request for Quote Notifications, Review Supplier Synchronization Errors, Schedule Distribution (Request Time Off/Review Time Off), Scheduled Future Processes, Scheduled Live Report Completion, Scheduled Report Completion, Share Career Development Opportunity/Path Notification Category, Share notifications, Student Engagement Monitoring, Student Financials, Student Records, Student Recruiting Marketing/Transactional, Supplier Contract Expiration/Renewals, Surveys, System Monitor Notifications, Talent Pool Notifications, Time Off, Upcoming Shift, Voluntary SelfIdentification of Disability, Workbook Access Additions/Removals, Workbook Comments/Conversations, Workbook Import Failures/Successes, Workbook Live Data Scheduled Updates, Workbook Notify If Function Notifications, Workbook Tasks, Worker Communications, and the “~Gigs~” category. The transaction also set some account attributes: an account expiration date of 20260114, a session timeout of 30 minutes, and enabled reset challenge questions. No notifications were removed; all changes were additions to Veronicas notification configuration. The event was logged under event ID **EVT0051** and involved 503 rows of audit data.
[EVT-0052] - On January15,2026 at 11:22AM (EST) KristinnBjarnason edited the Workday account for user VeronicaTovarCervantes. During that transaction he removed a long list of notification categories (such as Academic Advising, Accounting Center Job Process, Birthdays, etc.) from Veronicas notification settings and then readded them with specific delivery channels. The new configuration enabled email, mobile push, or both for each category, depending on the setting. In short, Kristinn updated Veronicas notification preferences to ensure she receives alerts via email and/or mobile push for all listed Workday events.
[EVT-0053] - On January21,2026 at 5:54AM Eastern Time, Workday administrator KristinnBjarnason removed the “School Director” role from TeresaBlankmeyerBurke (employee ID P000681) at the Arts and Humanities School. The removal was performed in response to Teresas request (incident INC0166411). At the same time, the system added the “Professor” role to BrianGreenwald (employee ID P000679) for the Arts and Humanities School, effective January21,2026. The transaction was logged under the “Assign Roles Add/Remove” process and completed automatically with no manual approval required. The event was recorded as EVT0053 in the audit log.
[EVT-0054] - On January21,2026 at 8:57a.m. (EST), Workday recorded that KristinnBjarnason added TeresaBlankmeyerBurke back to her role as Professor and School Director of the Arts and Humanities School. The change was made because Teresa had returned from a sabbatical (incidentINC0166411). The role assignment became effective on January21,2026. No roles were removed; the action simply added Teresa to the appropriate security groups for her position. The event was logged under event IDEVT0054 and completed automatically by the system.
[EVT-0055] - On January22,2026 at 9:19AM (EST) a Workday administrator named KristinnBjarnason added new permissions to the “Student Finance Administrator UBSG” security group. The change created a set of domainlevel permissions that allow the group to view student data, specifically the “Student Transcript” and “Withdrawal and Leave” records. The permissions were added as “View Only” access for those two data sets, and the transaction was recorded under the event IDEVT0055. No permissions were removed, and no other users or attachments were involved in this action. The audit log shows the new permission entries, their XML representation was excluded from the audit details, and the transaction was part of the “Maintain Domain Permissions for Security Group” task.
[EVT-0056] - On January22,2026 at 9:20AM (EST) a Workday administrator named **Kristinn Bjarnason** (user ID1003966) activated pending security policy changes for the **gallaudet** tenant. The activation updated the **Student Finance Administrator UBSG security group** so that it now has view access to two domains: * **Student Data: Withdrawal and Leave** * **Student Data: Student Transcript** The change was recorded in the audit log as a transaction titled “Activate Pending Security Policy Changes.” The event (EVT0056) shows the new security timestamps and notes that the XML file contents were excluded from the audit. The action replaced an earlier instance dated January17,2026 at 3:20AM.
=== Thad Ferguson ===
[EVT-0039] - On January12,2026 at 2:06PM Eastern Standard Time, Workday admin **Thad Ferguson** (user ID1000998) edited the student record for **Jennifer Ceyanes**. He changed her Student ID from the temporary value **TEMP_STUDENT_0002694** to the new permanent ID **1117210**. The change was recorded in the “Student Financials Period Record StudentID (Denormalized)” field and logged as part of the “Edit Student ID” transaction. No other attributes were altered, and no attachments were added or removed during this update.
Reference in New Issue View Git Blame Copy Permalink