Audit trail
The audit trail () logs user activity.
The audit trail logs date and time, user name, activity, object and additional
details for actions performed by users. Administrators see activity of all users.
Individual users see only their own activity.
- Data can be filtered by category, activity, object and date.
- The full or filtered table can be exported as a CSV or JSON file.
Audit trail entries are deleted automatically after six months.
| Object | Category | Activity |
|---|---|---|
| Application | Create | Create application, generate application report, import application |
| Update | Edit application, enable/disable policies, add/update baseline policy, reset application | |
| Delete | Delete application | |
| Asset group | Create | Create asset group |
| Update | Update asset group, change issues status inheritance setting | |
| Delete | Delete asset group | |
| Correlation group | Update | Update status, update severity |
| Fix group | Update | Update status, update severity |
| Login | Login | Logins through the UI are logged once per minute; logins through the API are logged once per hour. |
| Policy | Create | Create custom policy |
| Update | Edit policy, associate/disassociate with applications | |
| Delete | Delete custom policy | |
| Presence | Create | Create Presence |
| Update | Update Presence | |
| Delete | Delete Presence | |
| Role | Create | Create custom role |
| Update | Edit role permissions | |
| Delete | Delete custom role | |
| Scan | Create | Create scan, generate scan report |
| Update | Edit scan | |
| Delete | Delete scan | |
| Scan execution | Create | Create scan execution, generate scan execution report |
| Delete | Delete scan execution | |
| User | Create | Invite user |
| Update | Update user role | |
| Delete | Delete user |