Audit¶
The Audit page on the BoostSecurity dashboard provides a detailed log of system activities, enabling administrators to monitor and review actions performed within the platform. This page is essential for maintaining security, ensuring compliance, and troubleshooting issues by offering a clear record of events such as API key changes, user logins, and policy updates. With robust filtering, the Audit page empowers users to track specific activities, identify potential security concerns, and maintain oversight of system operations.
Understanding the Audit Page Layout¶
The Audit page is organized into the following key sections:
Filter By Section¶
Located at the top of the page, this section allows you to refine the displayed events based on specific criteria.
Available Filters include:
- Event Types: Select specific actions to display (e.g.,
ApiKeyDeleted
,Auth0 Login Success
,Asset Policy Updated
). Use the dropdown to choose one or more event types. - Users: Filter events by the user who performed the action (e.g.,
audreyhunt@example.com...
,burt.swolf@gjep...
). Select a user from the dropdown. - Range: Specify a date range for the events (e.g., from
dd/mm/yyyy to dd/mm/yyyy
). Use the date picker to set the start and end dates.
Event Log Table¶
The main section of the page displays a table with the following columns:
- Date: The date and time an event occurred (e.g.,
30/03/2025 14:01:12
). Times are shown in the user’s local timezone (e.g.,EST
,GMT
). - Action: The type of event or action performed (e.g.,
ApiKeyDeleted
,Auth0 Login Success
). - Completed By: The user or entity responsible for the action (e.g.,
Adron Bozkovic...
,Shelly Hutton...
). - Description: A detailed summary of the event (e.g.,
API KEY test-and-delete with roles:USER was created or updated, Successful login for google-oauth2|11365000956697.... from 214.00.39.104
).
Using the Audit Page¶
Follow these steps to effectively utilize the Audit page:
-
View All Events:
Upon loading the page, the table displays all recent events by default, sorted by date in descending order (newest first). Scroll through the table to review the date, action, user, and description of each event.
-
Filter Events:
To narrow down the event log:
- Click the Event Types dropdown to select specific actions (e.g.,
ApiKeyDeleted
orAuth0 Login Success
). - Use the Users dropdown to filter by a specific user.
Set a custom date range using the Range filter by selecting start and end dates (e.g., from
23/05/2025
to30/05/2025
).The table will automatically update to reflect your selected filters.
- Click the Event Types dropdown to select specific actions (e.g.,
-
Reset Filters
To clear all applied filters and return to the default view:
- Click the Clear All button at the top-right of the table.
Example Use Cases¶
- Security Monitoring: Identify unauthorized access by filtering for Auth0 Login Success events and reviewing the IP addresses in the descriptions.
- Troubleshooting: Investigate a user’s failed login attempts by filtering for Auth0 Login Failed events associated with their account.