Skip to main content

View audit log (hosted customers) Hosted customers only

Contrast captures activity about user sessions including changes to settings or licenses, actions on vulnerabilities, and much more.

Before you begin

  • This feature is supported for hosted customers only. On-premises customers should visit View audit log.

  • If you are using role-based access control, the View audit logs action is required.

    Role-based access control is part of the Contrast pre-release customer testing program.  If you want access to this feature, contact your Contrast representative.

  • If you are using users and groups for access control, an Organization Admin role is required.

Steps

  1. From the user menu, select Organization settings.

  2. Select Audit log.

  3. Search for a message or specify a date range.

    You can search for text or a specific date.

    Image shows the filters for the Audit log for hosted customers.

Audit log details

The audit log contains these details:

Alerts

Creating

Deleting

Updating

Applications

Applying a license

Archiving

Changing Assess rule configurations

Changing organization settings

Enabling/disabling a rule

Merging/unmerging

Restoring

Resetting

Attacks

Adding notes to events

Creating/Editing/Deleting notes

Suppressing

Bugtrackers

Creating

Updating

Email

Adding domains

Sharing libraries

Groups

Creating/Updating/Modifying membership of organization groups

IP ranges

Adding

Removing

Keys

Rotating API and Agent service keys

Notification settings

Updating for an organization or user

Patches

Creating/Updating/Toggling/Deleting virtual patches

Policies

Changing cleanup settings

Changing library restrictions

Changing password

Changing scoring

Changing timeouts

Creating/Deleting/Disabling/Enabling/Updating compliance policies

Creating/Deleting/Updating/Enabling organization remediation policies

Creating/Deleting/Updating/Enabling security controls

Creating/Deleting/Updating/Enabling rule exclusion policies

Reports

Creating reports

Vulnerability trend reports

Role-based access control

Role-based access control is a preview feature and not turned on for all users.

Creating/Updating/Deleting users

Creating/Updating/Deleting resource groups

Creating/Updating/Deleting roles: Includes updates to built-in roles.

Creating/Updating/Deleting user access groups

Scan

Creating/Deleting scan projects

Running a scan

Changing the status of a vulnerability

Servers

Changing defaults

Creating notifications

Deleting/Disabling/Updating/Removing licenses

Enabling/Disabling Protect

SuperAdmin

Creating

Impersonating a user

Updating

Traces

Adding/Editing/Deleting notes

Auto-remediation

Sharing/Deleting/Merging/Marking status of a trace (or bulk traces)

Updating severities

Users

Adding

Activating

Changing access

Creating/creation via provisioning/in bulk

Deleting

Granting/Revoking Protect

Importing into an organization

Underprivileged user attempts

Updating

Webhooks

Creating