AI Advisory

Audit Logs

Search and review recorded application activity.

Purpose and access

Audit Logs record authentication, document, administrative, and other system events. Access should be limited to authorized operational, security, and compliance personnel.

Audit Logs page showing event totals, filters, and activity table

Investigate activity

  1. Open Audit Logs and allow the activity table to finish loading.
  2. Review the summary counters for total events, warnings and errors, access denials, and logins.
  3. Search by user, resource, or action.
  4. Filter by action, resource, severity, or date range.
  5. Review timestamp, severity, action, resource, user, and target together.
  6. Open event details when additional context is required.
  7. Export logs only when authorized and store the file securely.

Expected result: The activity table shows only events matching the selected criteria.

An error event is a signal to investigate, not automatic proof of malicious activity. Correlate it with user context and related events.

On this page