As the Server Admin I'd like to have the ability to view ALL "Workflow Results" for all Subscriptions.This will give the highest level admin the ability to monitor all schedules (on the entire server instance) and monitor if they are unable to complete successfully (example- unable to allocate memory) and any other errors are occurring.
Knowing this information will help the server administrator understand if there are issues with the server itself (e.g. if we need more workers or to simply adjust actual server system settings..etc..)
For whatever reason a schedule is disabled, whether a Studio expires, or for any other legitimate reason, a notification email should be sent to the Admin and the one that created the schedule in advance of it being disabled. When a scheduled workflow is not executed, it leaves us scrambling for answers. A sudden disablement of the schedule is disappointing to discover after all other stones have been turned. Notify us in advance of a schedule being disabled.
When an artisan moves positions (within or external) away from their current responsibilities, their collections and workflows should be able to be transferred via an administrator to another user.
The Save to Gallery window does not resize. When I try to Save my Workflow to my Gallery and Manage Workflow assets, I can not widen that window to see the full path to my assets.
This makes it very hard when you have many assets to know if they need to be included or not with the promotion. It may take two or three attempts guessing what asset is what to get the correct combination to make my App run correctly.
It would be nice to be able to widen this window much like we can with the Workflow dependencies window.
So - one of the biggest challenges that we have with the MongoDB used by Alteryx Server is that we continually have issues with locking (where our admins have to go in and undo locks)
Additionally - the current implementation of MongoDB connectivity does not support full Kerberos authentication which means that we're on a non-compliant install (which in a large enterprise is an uncomfortable place).
Given that a very large amount of what the server does is transactional - it would make sense to have an option to use a large-scale SQL server instead of using Mongo. For large enterprise customers, there must be flexibility to allow the databases that they have large supported instances of (my strong preference would be MS SQL 2016).
MS SQL natively supports XML so all the canvasses can be stored in native format. Additionally, MS SQL allows very fast query across XML, and given the clustering and reporting capabilities in MS SQL, this would dramatically increase our ability to self-manage our infra.
Given that Alteryx is looking more and more at large Enterprise customers - a move to a large-scale clustered SQL env as the back-end would be a very positive move.
NOTE: as we consider DB options for a SQL backend - please consider your large-scale enterprise customers. For example - MS SQL or Oracle or DB2 are all much more prevalent in enterprises than databases like Postgres - so it's important to focus on the enterprise support for the DB that you choose.
As a server administrator, I would like to have more control over collections. I have a user who is in charge of a collection out of office, and we have some users who need to get to be added to the collection to run workflows. As admin of the server, I would like to be able to add users to this collection, modify permissions, modify workflows, etc. This would be necessary both for when users are temporarily out of the office as well as if someone were to leave the company.
One of the issues that we have with Alteryx jobs in prod (and also Tableau, coincidentally) is that often a canvas is built to serve a need at the time, but after a while it's no-longer needed but it continues to run and consume server resources.
Can we add the option to our server environment to request recertification that a particular job is still needed every X months.
This will achieve 2 useful purposes:
- if the job is no-longer needed then the user hits "No thank you" and it's then taken off the scheduler which reduces server loads
- Alternatively - the user may realize that this should have been handed over to a new team or owner, and they can then make this change based on the recertification prompt.
I'm pretty certain that this would help to manage the inevitable build-up that happens on server environments where jobs build up until the server starts thrashing and the admin team then need to go out to all the users to do this recert process manually.
In regulated environments, like banks, there is a requirement to fully segment Alteryx Jobs so that people on either side of a Regulatory Wall cannot access each other's canvasses or results.
As an example:
- Public vs. private side in Broker/Dealer banks
- Compliance or HR or Finance need to be segmented from all other areas in most banks
What is needed here is for any canvasses belonging to each of these walled-off areas to be controlled so that they cannot be shared across the wall, and results cannot be viewed across these areas. This also means that the Gallery Environment needs to be capable of being segmented fully within 1 installed environment.
It would be useful if the Admin of a Private Gallery (in house server) could delete studios and/or members. Also, it's confusing that a member who's added also gets a Studio automatically set up. Members (for my purposes) are only supposed to be able to run apps in collections that I grant them access to. They should not get their own studio. Even if they can't use the studio (or even know that they have a studio), it's not very efficient to have all these studios show up on the subscriptions screen.
Along with setting a schedule for an app in the gallery, the user should also be able to set the different interface values for each schedule he/she makes.
My main use case is regarding having generic templates for ETL processes, that have multiple different types of runs based on configuration values, but I'm sure there are plenty others.
Currently, we use Task Manager to control Alteryx Service (or command line). An administrative function within Alteryx should support graceful stopping and starting of the service as user jobs are interrupted (or can be) by our activities. While I currently post messages to users alerting them to admin activities, I am asked why Tableau can restart jobs (admin) and we can't. Other admins have asked what is "hanging" alteryx service up for a STOP command. I have explained that all jobs must be stopped in order for a quick restart of the service.
We're using a single server today (this client) and plan to add workers to the configuration. It would be helpful to know where work is running and be able to use admin functions across the servers.
My company, a very large organization, is in the early implementation phase of Alteryx right now. My company requires frequent password changes and we plan on making heavy use of Shared Connections since there are also many shared data sources. Unfortunately, this would mean that every time a credential has changed that affects a workflow, the credential holder would have to contact Server Administration (me), and I would have to update any Shared Connections or other assets that use those credentials. This problem is exacerbated by also having to manage user permissions and which users belong in each Subscription Right now, that is not much of a big deal, but as the number of users begins to scale, this could become a very daunting task.
My current solution is to create Subscriptions for each Department, Group, or Team and give one person from that Subscription Curator permissions. This enables each Department to work more autonomously and reduces the load for Server Admin. The issue is that there is no permission level between the publishing rights of an Artisan and the ubiquitous acces of a Curator. So, with my solution, any one of the Subsription Curators can start using connections they're not supposed to have access to or deleting/stopping scheduled flows, intentionally or otherwise.
I propose that we find a middle ground between Curator and Artisan, a (Studio) Moderator. This person can be assigned one or more subscriptions by a full Curator and will have Curator-like permission, but only to the assigned Subscriptions. This means that they will be able to add/modify Credentials, Connections, and/or Scheduled under the envelope of their Subscriptions, but they won't have access to any others. I believe that this solution will mitigate the possible overflow of tedium to the true Curators while allowing the powerful communal features of Alteryx be used to their full potential.
In the Alteryx Gallery UI, it's possible to set up workflow credentials so that a workflow published to the gallery runs as a specific user.
Unfortunately when that workflow is run from the Alteryx Gallery API, it appears to only ever run as the Alteryx Server Run-As account.
Our developers in working with this figured out that if they called the (undocumented) API that runs the actual Alteryx Gallery directly, they can achieve what they want, but it seems a risky strategy.
The idea would be:
-Either unify the APIs so that the Gallery itself uses the same API to run workflows as what you present as the "Gallery API" (the eat your own dogfood way)
-Alter the Gallery API to enable us to run as a different workflow credential
Without this, we're forced to permission the run-as account to access anything that uses this method, which in turn then becomes a bit of a security hole (any workflow run will have access to everything that the run-as account uses)
When saving a workflow to the Gallery, I would like an option on the Save window to save directly to a collection. This can be an existing collection, or would have the ability to create a new collection. The current process requires you to log into the Gallery after saving the workflow and move it to the appropriate collection.
Suggested information to be included in audit logs.
A secure audit record of all activities on the system:
At minimum the logs should include the following:
I believe many customers could benefit from this type of audit logging, especially those who are required to obtain specific security certifications for their alteryx deployments. From what I can see online there does not seem to be out of the box functionality for this. If anyone has implemented any type of audit logging like this please feel free to comment.
Please provide the ability to bulk add/delete users to a gallery. This would be useful for on-boarding/off-boarding large companies, departments, and external customers. For public-facing galleries, this would provide us the ability to on-board/off-board entire customers of ours.
Currently the Private Gallery product has 2 authentication options - AD and built in.
If an organization uses AD, this solution is fine, however there are many origanizations who use other standard directory systems. One of the more common directory/authentication systemsis LDAP due to its wide adoption and cross platform compatibility.
It would be fantastic to have functionality similar to the AD integration, however with LDAP for Gallery authentication and user management.
Is there any plan to create an automated way of publishing apps/workflows to the gallery. This has been a common painpoint for me on several different projects when I explain how manual of a process this is.
I'd imagine this could easily be solved by adding an additional API call to their library. Ideally, you'd be able to point the gallery to a shared folder with workflows you want to push (git repo functionality would even be better), and have it just move the .xml scripts to the server/mongoDB.