Audit trail

The audit trail (Organization > Audit trail) logs user activity.

The audit trail logs date and time, user name, activity, object and additional details for actions performed by users. Administrators see activity of all users. Individual users see only their own activity.
  • Data can be filtered by category, activity, object and date.
  • The full or filtered table can be exported as a CSV or JSON file.

Audit trail entries are deleted automatically after six months.

Category Activity Object
Create Create application, generate application report, import application Application
Update Edit application, enable/disable policies, add/update baseline policy, reset application Asset group
Delete Delete application Correlation group
Create Create asset group Fix group
Update Update asset group, change issues status inheritance setting Login
Delete Delete asset group Policy
Update Update status, update severity Role
Update Update status, update severity Scan
Login Logins through the UI are logged once per minute; logins through the API are logged once per hour. Scan execution
Create Create custom policy User
Update Edit policy, associate/disassociate with applications
Delete Delete custom policy
Create Create custom role
Update Edit role permissions
Delete Delete custom role
Create Create scan, generate scan report
Update Edit scan
Delete Delete scan
Create Create scan execution, generate scan execution report
Delete Delete scan execution
Create Invite user
Update Update user role
Delete Delete user