Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here

Skyhigh Security

Audit Log Events

Audit logs are records of the event logs, typically regarding a sequence of activities or a specific activity. The following events are tracked as part of the Audit Log

Event Category Event

Admin Actions

AWS Account Authentication

Admin Actions

API Access

Admin Actions

Config Audit AWS Accounts Modified

Admin Actions IP allowlist enabled
Admin Actions IP allowlist disabled
Admin Actions IP allowlist changed (IPs are added or removed
Admin Actions IP allowlist changed  (Support IP option is enabled or disabled)

Cloud Connector

Log Processing Config Changed

Cloud Connector

Custom Attribute Config Changed

Cloud Connector

SIEM Config Changed

Cloud Connector

IP User Mapping Config Changed

Cloud Connector

SMTP Config Changed

Cloud Connector

Panorama Config Changed

Cloud Connector

Cloud Config synced to EC
Cloud Registry Custom attribute created
Cloud Registry Custom attribute deleted
Cloud Registry Custom attribute(s) edited
Cloud Registry Risk category weights changed
Cloud Registry Risk attribute weights changed
Cloud Service Detail Custom service attribute value edited
Cloud Service Detail Bulk edit of Custom service attribute values
Cloud Service Detail Note added to Cloud Service
Cloud Service Detail Note edited for Cloud Service
Cloud Service Detail Service detail report created
Cloud Service Detail Cloud service risk score is overridden
Data Jurisdictions Jurisdiction created
Data Jurisdictions Jurisdiction edited
Data Jurisdictions Jurisdiction deleted
File Downloads Cloud traffic URL list downloaded
File Downloads Anomalies CSV exported
File Downloads Upload Activities CSV exported
File Downloads Service Group list downloaded
File Downloads Report downloaded
File Downloads Integration URL list downloaded
File Downloads Application audit trail downloaded
File Downloads Item creating incident downloaded
File Emailed Report emailed to the user
Incidents Delete incidents
Incidents Bulk change incident owner
Incidents Bulk change incident status
Incidents Bulk change incident response
Incidents Change incident owner
Incidents Change incident status
Incidents Change incident response
Integrations Firewall/proxy integration added
Integrations Firewall/proxy integration edited
Integrations Firewall/proxy integration removed
Integrations Changes approved to sync with firewall or proxy
Reports My Dashboard cards export
Reports Run Now report created
Reports Scheduled report created
Reports Run Now report created
Reports Scheduled report created
Reports Scheduled report edited
Reports Scheduled report is run
Reports Scheduled report deleted
Reports Scheduled report duplicated
Reports Report Executed
Service Management Proxy is un-managed
Service Management Proxy is disabled
Service Management Added Service Properties
Service Management Updated Service Properties
Service Management Deleted Service Properties
Service Management Renew Certificate
Service Management SMTP Configuration
Service Management SAML Configuration
Saved Views Saved view shared
Saved Views Saved view deleted
Saved Views Saved view shared
Saved Views Saved view deleted
Service Groups Cloud service(s) added to Service Group
Users User logged in
Users User logged out
Users User login failed
Users User entered Captcha
Users User clicked forgot password
Users User password reset attempt (Success) 
Users User password reset attempt (Failure) 
Users User changed a password
Watchlists Users added to watchlist
Uncategorized Application Navigation
Uncategorized Enterprise Dashboard Show More View
Uncategorized Enterprise Dashboard Show Less View
Uncategorized Show Service Details
Uncategorized View Managed Services
Uncategorized Show Anomalies
Uncategorized Create an Anomaly Exception Rule
Uncategorized Delete an Anomaly Exception Rule
Uncategorized Setting a New Anomaly Threshold
Uncategorized Bundle Pushed to Proxy
Uncategorized Default Bundle Pushed to Proxy
Uncategorized On-Demand Scan
Uncategorized Quarantine Management
Uncategorized Manual Remediation
Uncategorized User Management Action
Uncategorized User Clicked Download Script
Uncategorized Manual Upload Started
Uncategorized Manual Upload Failed
Uncategorized Edit Settings for Data Feed
Uncategorized Risk Scoring Model Change
Uncategorized Threat Protection
  • Was this article helpful?