Audit Log¶
The Audit Log helps tenant owners and partners review recent administrative actions within a tenant. It answers the practical questions “who changed what, and when?” for items such as policies, host lists, tenant settings, and membership changes.
How to Use¶
Open the portal, select the tenant you want to inspect, and then click “Audit Log” in the left‑hand menu. The page lists the most recent five hundred actions in reverse chronological order. If you need to share or analyze the data elsewhere, you can download the visible list using the CSV export button.
What You See¶
Each row shows when the action happened, who performed it, and what was changed. The Action column uses clear verbs (Created, Updated, Deleted, Viewed). The Source IP column shows the client address for the request. The Details column contains a short, human‑readable sentence that summarizes the event, for example: “Created Policy ‘Acceptable Use’ (id: 123).”
Alert Comments¶
When an administrator adds a comment to an alert, the action is recorded in the audit log with the author's email address and the alert ID. This makes it easy to track who contributed to an investigation and when.
Privacy Notes¶
Audit entries belong to the tenant and are removed automatically if the tenant is deleted. Removing an administrator account does not delete past entries, because the log stores the email address as text. The Details sentence is designed to be concise and avoids showing sensitive content.