Skip to main content
Feedback

Audit log

The Audit Log provides comprehensive tracking of all changes made within the user interface and user actions across the system. This powerful monitoring tool helps maintain accountability and provides a detailed history of system modifications.

Accessing the Audit Log

You can access the audit information through two methods:

  1. User Interface

    Navigate to the Admin page in the application, where you'll find the dedicated "Audit Log" section. This interface provides a user-friendly way to review and analyze system changes.

  2. API Endpoints

    For programmatic access or integration purposes, audit data is available through the following API endpoints:

    • /api/audit/swagger/
    • /api/audit/swagger/v1/swagger.json

Filtering capabilities

The Audit Log includes robust filtering options to help you find specific information quickly. You can refine your search using multiple criteria:

  • Event Category: Filter by broad categories of system changes
  • Event Type: Narrow down to specific types of actions
  • Date Range: Focus on changes within a particular time period

You can combine these filters to create precise queries that match your audit review needs.

Event categories

The system organizes audit events into the following categories:

  • Configuration: System-level configuration changes
  • UserAction: Actions performed by users within the system
  • Alerts: Alert-related activities and modifications
  • Reporting: Report generation and access events
  • ImportExport: Data import and export operations
  • Transfer: File transfer and movement activities
  • MFTNode: Node-related operations and changes
  • Security: Security-related events and access control

Event types

The system tracks a comprehensive set of event types, including:

User management

  • UserChange: Modifications to user accounts
  • UserGroupChange: Changes to user group configurations
  • PermissionsChange: Updates to permission settings
  • OrganizationChange: Modifications to organization settings

System configuration

  • FlowChange: Changes to flow configurations
  • EndpointChange: Modifications to endpoints
  • ThruNodeChange: Updates to ThruNode settings
  • FlowEndpointChange: Changes to flow endpoint configurations

Security events

  • SSHKeyChange: SSH key modifications
  • PGPKeyChange: PGP key updates
  • CertificateChange: Certificate modifications
  • LoginSuccess/Failed: Authentication attempts
  • SSOLoginSuccess/Failed: Single Sign-On events
  • SessionTimeout: Session expiration events
  • AccountLockout/Unban: Account security events
  • ForgotUsername/Password: Account recovery actions

File operations

  • DeleteFile: File deletion events
  • ManualFileDownload/Upload: Manual file operations
  • GeneratePresignedUrl: URL generation for file access
  • DownloadPresignedFile: Presigned URL usage

Alert management

  • AlertAcknowledge: Alert acknowledgment
  • AlertClear: Alert clearing
  • AlertSuppress: Alert suppression
  • AlertReactivate: Alert reactivation

Reporting and Data Management

  • ReportDownload: Report retrieval events
  • FlowExport/Import: Flow configuration transfers
  • ExportConnectionInfo: Connection information exports
  • FlowEndpointScheduleRun: Scheduled flow executions
  • FlowManualRun: Manual flow initiations

Node management

  • MFTNodeInstall/Uninstall: Node deployment events

Audit can also be exported from this view to a csv format.

On this Page