The Audit Log, located at Settings > Audit Log, provides a list of all events performed by registered application users. Drill down to perform detailed Audit Log analysis using the extensive filter and search tools. Then export your findings to a CSV file for accurate reporting.
You can also export the Audit Log to a third-party SIEM system using a Syslog export via Enterprise Connector. For details, see Export Anomalies, Threats, and the Audit Log to a SIEM.
The Audit Log page allows you to search and filter in the following ways:
- Date Picker. Use the Date Picker to select a preset or custom date range in order to display data from only this date range.
- All Users. Filter for users using the drop-down menu.
- All Event Categories. Filter for event categories using the drop-down menu.
- All Events. Filter for a specific event using the drop-down menu.
- Search Field. Search by keyword in Additional Information or by IP Address.
- Create Report
- Download CSV. Export a CSV file of the data displayed in the Audit Log.
- Edit Table Columns. Edit the columns displayed in the Audit Log table.
- Create Report
- Available Table Columns:
- User. The username.
- Event Category.
- Name. The object name, which is different for each Event Category.
- Event. The type of event the user performed, detailed in Audit Log Event Type.
- Additional Information. Any additional information available for the user.
- Timestamp. The timestamp when the event occurred.
- IP Address. The user's IP address.
- Description. Description of the event.