🚀 SecureCheap is live — Start free →
Team & Access
Audit Log

Audit Log

The audit log records every action taken by team members and the system.

What's logged

CategoryExamples
AuthLogin, logout, failed login, MFA change
TeamMember invited, role changed, member removed
MonitorsCreated, edited, deleted, paused
IntegrationsConnected, disconnected, credential rotated
ScansTriggered, completed, report downloaded
AlertsAcknowledged, resolved, silenced
SettingsAPI key created/revoked, notification channel added
BillingPlan upgraded/downgraded, invoice paid

Log entry fields

{
  "id": "evt_01HXYZ",
  "timestamp": "2025-05-21T14:32:00Z",
  "actor": { "id": "usr_abc", "email": "[email protected]", "ip": "1.2.3.4" },
  "action": "monitor.created",
  "resource": { "type": "monitor", "id": "mon_xyz", "name": "api.myapp.com" },
  "workspace_id": "ws_123",
  "metadata": { "interval_minutes": 5, "check_type": "http" }
}

Retention

PlanRetention
Free7 days
Pro90 days
Enterprise1 year (with export)

Export

Audit logs can be exported as CSV or JSON via:

  • UI: Settings → Audit Log → Export
  • API: GET /api/v1/audit-logs?from=…&to=…&format=csv

SIEM integration

Forward audit logs to your SIEM in real-time via the Webhook or Syslog output:

{
  "target": "https://siem.mycompany.com/ingest",
  "format": "json",
  "auth": "Bearer my-siem-token",
  "filter": { "severity": ["warning", "critical"] }
}