How to find out who added/set up a member?

sarcher said:

I'm trying to track down the person who has been adding members with incorrect credentials

What exactly do you mean? And is your community public to the internet?

sarcher said:

I have looked at the audit logs but they are very confusing

From my observations it typically goes in this order:

- Anonymous may execute as a system service that sets up the roles for the to-be-created username

- 'Anonymous creates user "username"

- Anonymous then 'executes as username' to authenticate to the community.

- username then performs actions on the platform

sarcher said:

I'm trying to track down the person who has been adding members with incorrect credentials

What exactly do you mean? And is your community public to the internet?

sarcher said:

I have looked at the audit logs but they are very confusing

From my observations it typically goes in this order:

- Anonymous may execute as a system service that sets up the roles for the to-be-created username

- 'Anonymous creates user "username"

- Anonymous then 'executes as username' to authenticate to the community.

- username then performs actions on the platform

Its a closed Community so certain people in the company have access to add users/members

Users created through Administration > Membership > Members > Add Member will be properly attributed to the creator in the audit record in Administration > Monitoring > Auditing

Within auditing you can even filter down to see specifically all of the created actions which includes a user being created. You can even filter by username - as Christopher G. Stanton stated - the anonymous role typically will create new users. 

Thank you!