Audit Log (Syslog)

Track system changes with a clear, chronological audit log for accountability and quick investigation

Tracking system changes and understanding administrative actions can be complex:

Changes occur without a clear audit trail, making accountability difficult.
Lack of visibility into events can delay issue resolution and create security risks.

The Audit Log page provides a record of administrative events, detailing who did what, when, and where, to ensure transparency and accountability.

You can create an audit log webhook to automatically send Apono audit log notifications to a target system whenever an audit log event occurs.

Page Layout

The Audit Log page consists of an event table and filtering options.

Table

The Audit Log page presents a table containing all administrative events. Each row summarizes the high-level details of an event.

The columns are defined in the following table.

Column

Description

Time

Date and time the event occurred

The most recent events are listed first.

Action

Event performed, such as creating, editing, or deleting an item

Actor

Name of the user who performed the action

Possible Values:

System (Apono)
Full name and Email (User)

Target

Specific object affected by the action

Source

Location where the action originated

Possible Sources:

Web Application (UI)
Integration
Terraform (identified by the actor's personal API token
API (public API identified by the actor's personal API token)

Filters

You can filter the list of events by one or several of the following filters.

All Time

Relative

Follow these steps to set the relative time filter:

Click All time, a menu appears.
On the Relative tab, from the Last dropdown menu, select a time measure.
In the Last text field, enter a number.
(Optional) Click Round to the hours|days|months to begin the time filtering from the nearest hour, day, or month.
Click Apply. The filter turns blue and shows a summary.

Absolute

Follow these steps to set the absolute time filter:

Click All time, a menu appears.
On the Absolute tab, under From, select the start date from the date picker.
Select the start time (local system time) from the time picker.
Under To, select the end date from the date picker.
Select the end time (local system time) from the time picker.
(Optional) Click Use UTC to apply the Coordinated Universal Time (UTC) timezone to the start and end times instead of the local system time.
Click Apply. The filter turns blue and shows a summary.

Action

Follow these steps to filter the logs by action:

Click Action, a menu appears.
Select one or several actions.
Click the top or outside of the dropdown menu to close it. The filter turns blue and shows a summary.

Source

Follow these steps to filter the logs by source:

Click Source, a menu appears.
Select one or several sources.
Click the top or outside of the dropdown menu to close it. The filter turns blue and shows a summary.

Actor

Follow these steps to filter the logs by actor:

Click Actor, a menu appears.
Select one or several actors.
Click the top or outside of the dropdown menu to close it. The filter turns blue and shows a summary.

Target Type

Follow these steps to filter the logs by target type:

Click Target Type, a menu appears.
Select one or several target types.
Click the top or outside of the dropdown menu to close it. The filter turns blue and shows a summary.

View event information

Apono allows you to see specific event changes.

Follow these steps to view the details of an event:

On the Audit Log page, click the row of the event in the table. A panel opens displaying the Event details and Event changes.
Click the X in the top right corner to close the panel.

Event Details

The top of the panel summarizes the audit log information from the table on the Audit Log page.

Event Changes

In the Event changes section, changes to the JSON are displayed using a Git-like diff format.

The characteristics of the old and new information are compared in the following table.

Characteristic

Old Information

New Information

Sign Prefix

Minus sign (-)

Plus sign (+)

Color Highlighting

Red

Green

Special Formatting

Specific words or text fragments that have changed are highlighted.

N/A

By default, a truncated JSON with the highlighted information is shown. To see the entire JSON, you can click the Expand link.

In the following screenshot, the user group (attribute_value) within this access flow and the most recent updated date (updated_date) are highlighted because they have been updated.

PreviousGenerating Audit Reports and Access Reviews NextIntegration Status Page

Last updated 12 days ago