Audit Logs in ThreatKey
ThreatKey's audit logs provide a detailed record of platform activity. Learn how to access and utilize these logs to monitor user actions.
Overview
ThreatKey's audit logs provide visibility into user and system activity occurring within your ThreatKey instance. All major events like user logins, data access, and configuration changes are logged for auditing and troubleshooting purposes.
Accessing the Audit Logs
Audit logs can be accessed by navigating to Settings > Audit Log in the ThreatKey menu. This page provides a chronological list of all audit log entries.
Filters can be applied to narrow down the results by:
- User
- Action type
- IP address
- Timeframe
The log displays important details on each event:
- Timestamp
- User
- Action
- IP address
- Affected object
Logs can be exported as a CSV file for offline review and analysis upon request.
Use Cases
Typical use cases for the audit logs include:
- Reviewing user activity and access
- Change management audits
- Troubleshooting platform issues
- Correlating events with security incidents
- Compliance and auditing for standards like SOC2
Audit logs provide vital oversight into the ThreatKey platform. Consult these logs to monitor user actions and ensure proper use of the system.
Additional Resources
For more help with audit logs and platform monitoring, see:
- Audit log FAQs
- Platform security guide
- Contact our support team