Audit Logs

The AppSentinels API Security Platform generates detailed audit logs for all user actions and system-driven activities. These logs provide complete visibility into platform changes, helping teams track configuration updates, status changes, data exports, and other key actions. Audit logs play a crucial role in ensuring accountability, security, and compliance.

Types of Audit Logs

• Organization-Level Audit Logs
  These logs capture all activities across the entire organization, including every application within it. Use this view to get a centralized audit trail.
• Application-Level Audit Logs
  These logs are limited to a specific application and include only actions performed within that application's scope.

Accessing and Downloading Logs

Audit logs can be accessed and downloaded by navigating to Settings → Audit Logs → Download
This exportable format helps teams maintain records and support compliance reporting.

Filtering Audit Logs

AppSentinels provides a robust set of filters to help you quickly locate specific audit events. These filters make it easier to investigate changes, trace actions by users, and comply with auditing requirements.

You can filter audit logs using the following criteria:

• Username – View actions performed by a specific user.
• Action – Filter by actions such as delete, create, update, etc.
• Application – Limit results to a specific application.
• Category – Select the category of the activity (e.g., configuration, vulnerability, access control).
• Role – Filter logs based on the role of the user (e.g., Admin, Developer, Security Ops).
• Type – Filter based on the type of operation (e.g., system-driven or manual).
• Date Range – Use the From Date and To Date fields to search within a specific time window.

After applying filters, click Search to view the results. You can also click Clear Filters to reset all fields and start a new search.

These filters provide precise control to help streamline audits and enhance investigation efficiency.

Retention Policy

Audit log data is retained for 90 days from the date of the event. For longer-term needs, logs can be downloaded and archived externally.