View audit log (hosted customers)
Contrast captures activity about user sessions including changes to settings or licenses, actions on vulnerabilities, and much more.
Before you begin
This feature is supported for hosted customers only. On-premises customers should visit View audit log.
If you are using role-based access control, the View audit logs action is required.
Role-based access control is part of the Contrast pre-release customer testing program. If you want access to this feature, contact your Contrast representative.
If you are using users and groups for access control, an Organization Admin role is required.
Steps
From the user menu, select Organization settings.
Select Audit log.
Search for a message or specify a date range.
You can search for text or a specific date.
Audit log details
The audit log contains these details:
Alerts | Creating Deleting Updating |
Applications | Applying a license Archiving Changing Assess rule configurations Changing organization settings Enabling/disabling a rule Merging/unmerging Restoring Resetting |
Attacks | Adding notes to events Creating/Editing/Deleting notes Suppressing |
Bugtrackers | Creating Updating |
Adding domains Sharing libraries | |
Groups | Creating/Updating/Modifying membership of organization groups |
IP ranges | Adding Removing |
Keys | Rotating API and Agent service keys |
Notification settings | Updating for an organization or user |
Patches | Creating/Updating/Toggling/Deleting virtual patches |
Policies | Changing cleanup settings Changing library restrictions Changing password Changing scoring Changing timeouts Creating/Deleting/Disabling/Enabling/Updating compliance policies Creating/Deleting/Updating/Enabling organization remediation policies Creating/Deleting/Updating/Enabling security controls Creating/Deleting/Updating/Enabling rule exclusion policies |
Reports | Creating reports Vulnerability trend reports |
Role-based access control Role-based access control is a preview feature and not turned on for all users. | Creating/Updating/Deleting users Creating/Updating/Deleting resource groups Creating/Updating/Deleting roles: Includes updates to built-in roles. Creating/Updating/Deleting user access groups |
Scan | Creating/Deleting scan projects Running a scan Changing the status of a vulnerability |
Servers | Changing defaults Creating notifications Deleting/Disabling/Updating/Removing licenses Enabling/Disabling Protect |
SuperAdmin | Creating Impersonating a user Updating |
Traces | Adding/Editing/Deleting notes Auto-remediation Sharing/Deleting/Merging/Marking status of a trace (or bulk traces) Updating severities |
Users | Adding Activating Changing access Creating/creation via provisioning/in bulk Deleting Granting/Revoking Protect Importing into an organization Underprivileged user attempts Updating |
Webhooks | Creating |