icon-zws.svg
Workflow Automation

About Audit Logs

The Audit Logs page records and displays the actions of every admin in the Workflow Automation Admin Portal and the actions that occur through the Workflow Automation APIs.

Audit logs provide the following benefits and enable you to:

  • View alterations that are made in the Workflow Automation Admin Portal.
  • View details on all the changes made by an admin.
  • Detect and investigate suspicious activity and track unauthorized access to the Workflow Automation Admin Portal.

About the Audit Logs Page

On the Audit Logs page (Setup > Audit Logs), you can do the following:

  1. Select a time range for the audit logs displayed.
  2. Filter the audit logs by admin, action, module, or resource.
  3. Reset all the applied filters.
  4. Search for an audit log.
  5. View a list of actions that have occurred. For each action, you can see:
    • Timestamp: The date and time when the action occurred.
    • Action: The action that the admin performed in the Workflow Automation Admin Portal or the action performed by an API. Potential actions include:
      • Insert
      • Update
      • Delete
    • Module: The module for which an admin or API action was recorded. Potential modules include:
      • API Keys
      • Csv Upload

      • Customers

        Changes made to the Privacy and Security section of the Account Settings page appear with this module.

      • DLP
      • Incident Group
      • Integrations
      • Template Mapping
      • Workflow
    • Resource: The audited entity within a module. Potential resources include:
      • Admin Configuration
      • API Key
      • Csv User Data

      • Customer

        Changes made to the Privacy and Security section of the Account Settings page appear with this resource.

      • Incident Group
      • Integration Configuration
      • Template Mapping
      • Workflow Definition
    • Admin ID: The login ID of the admin who performed the actions in the Workflow Automation Admin Portal. If the admin has a shared login ID, this field displays no value.
    • Change Notes: The metadata of the configuration changes that occurred in the Workflow Automation Admin Portal.

  6. To view the configuration changes, click the View icon next to an audit log entry. The Change window appears and the differences between the pre-changes configuration and post-changes configuration are highlighted.

    There are three types of actions you can view:

    • Insert. The following image displays an example of a CSV upload insert:

    • Update. The following image displays an example of an update to an incident group:
    • Delete. The following image displays an example of a deleted API key:
    Close
Audit Logs Page
Related Articles
Configuring the DLP Application Integration Using Amazon Web ServicesConfiguring the DLP Application Integration Using AzureAdding IntegrationsManaging DLP AWS Application Integrations in Workflow AutomationManaging DLP Azure Application Integrations in Workflow AutomationManaging Workflow Automation Integration with SlackManaging Workflow Automation Integration with Microsoft TeamsManaging Workflow Automation Integration with ServiceNowManaging Workflow Automation Integration with Jira SoftwareManaging Roles and PermissionsManaging Admin AssignmentsManaging PrioritiesManaging ApproversManaging Notification TemplatesAdding Email Notification TemplatesAdding Slack Notification TemplatesAdding Microsoft Teams Notification TemplatesManaging Survey TemplatesManaging Incident and Digest Template MappingsManaging Account SettingsManaging User AttributesManaging Integration UsersManaging LabelsManaging Custom Email DomainsAbout Audit Logs