Feature name
Retain user information in event log even after a user is removed from organization
Feature function
- Currently when a user is removed from an organization, all events in the logs that user performed switch to UNKNOWN user. After this you are unable to track what a removed user may have done.
- This would retain user information in the event log to determine what actions or passwords a user accessed, even after removing that user from the organization.
- Multiple security guidelines require retention of these records. If an employee accesses multiple accounts, and then the employee is terminated and removed from the organization before running an event log dump, the logs are lost, as the user is not retained in the event log after being removed.