Security Audit Log

The Security Audit Log provides account administrators a way to monitor any changes or logins made to the account.

Access the Log:

Navigate to Account > Security Audit from the sidebar of the dashboard.

This report will show any actions that have been performed in the account, including logins, user deletions, alarm creations, and much more.

SAA.gif

Similar to other reports the Security Audit Log can be filtered based on time and gives the option to export the report to a CSV file.

Create an Alarm:

The Security Audit Log also allows alarms to be created based on certain conditions. We can create one of these alarms either by going to Alarms and selecting "Security Audit" when making a new alarm or by clicking on "Create Alarm" at the top of the log.

The interface of the alarm creation page is very similar to an Activity Alarm, but the fields we can set to trigger the alarm are different:

ActivTrak ID This is the login for the user, i.e., example@youremail.com
Public IP Address The public internet protocol address a user logged in from
Description A detailed description of the activity performed (logged in, deleted users, etc).
Event The Activity performed.
Action Type The type of action taken (logging in, deleting something, creating, etc).

 

Now that the alarm triggers have been set, the action taken must be configured. The Security Audit Alarm provides the option to send an email once it's triggered.

The subject and email bodies can both be filled with fields that will change based on who triggers the alarm and when it was triggered. 

SAA2.gif

 

NOTE: If an admin is deleted from the account, the logs in the Security Audit Log for that admin will not be deleted.

 

The Security Audit Log is available as part of the Advanced Plan

Was this article helpful?

0 out of 0 found this helpful

Comments

No comments