Skip to main content
Feedback

Audit log

The Audit Log provides comprehensive tracking of all changes made within the user interface and user actions across the system. This powerful monitoring tool helps maintain accountability and provides a detailed history of system modifications.

Accessing the Audit Log

You can access the audit information through two methods:

  1. User Interface

    Navigate to Admin > Audit Log. The Audit Log page provides a user-friendly way to review and analyze system changes.

  2. API Endpoints

    For programmatic access or integration purposes, audit data is available through the following API endpoints:

    • /api/audit/swagger/
    • /api/audit/swagger/v1/swagger.json

Filtering capabilities

The Audit Log features robust filtering options to help you quickly find specific information.. You can refine your search using multiple criteria:

  • Event Category: Filter by broad categories of system changes
  • Event Type: Narrow down to specific types of actions
  • Date Range: Focus on changes within a particular time period

You can combine these filters to create precise queries that match your audit review needs.

Event categories

The system organizes audit events into the following categories:

  • Configuration: System-level configuration changes
  • User Action: Actions performed by users within the system
  • Alerts: Alert-related activities and modifications
  • Reporting: Report generation and access events
  • Import/Export: Data import and export operations
  • Transfer: File transfer and movement activities
  • MFT Node: Node-related operations and changes
  • Security: Security-related events and access control

Event types

The system tracks a comprehensive set of event types, including:

User management

  • User Change: Modifications to user accounts
  • User Group Change: Changes to user group configurations
  • Permissions Change: Updates to permission settings
  • Organization Change: Modifications to organization settings

System configuration

  • Flow Change: Changes to flow configurations
  • Endpoint Change: Modifications to endpoints
  • MFTNode Change: Updates to ThruNode settings
  • Flow Endpoint Change: Changes to flow endpoint configurations

Security events

  • SSH Key Change: SSH key modifications
  • PGP Key Change: PGP key updates
  • Certificate Change: Certificate modifications
  • Login Success/Failed: Authentication attempts
  • SSO Login Success/Failed: Single Sign-On events
  • Session Timeout: Session expiration events
  • Account Lockout/Unban: Account security events
  • Forgot Username/Password: Account recovery actions

File operations

  • Delete Files: File deletion events
  • Manual File Download/Upload: Manual file operations
  • Generate File Share Link: URL generation for file access
  • Download Presigned File: Presigned URL usage

Alert management

  • Alert Acknowledge: Alert acknowledgment
  • Alert Clear: Alert clearing
  • Alert Suppress: Alert suppression
  • Alert Reactivate: Alert reactivation

Reporting and Data Management

  • Report Download: Report retrieval events
  • Flow Export/Import: Flow configuration transfers
  • Export ConnectionInfo: Connection information exports
  • Flow EndpointScheduleRun: Scheduled flow executions
  • Flow ManualRun: Manual flow initiations

Node management

  • MFTNode Install/Uninstall: Node deployment events

You can export the audit log to a CSV format.

On this Page