Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Audit Logs Overview

An audit log is a record of activities initiated by a user or by a process in a workflow that the user has initiated.

You can view a record of:

  • User management events such as account creation, modification, or deletion, and password change or reset.

    User account lockout, unsuccessful authentication, and successful authentication are also logged.

  • User-initiated activities such as creating, updating, or deleting a network implementation plan or a service and service resource from your network.

    For example, a log is generated when a service order is created after you publish a service instance or when a network implementation plan is modified. You can view information about the order such as the type of order, timestamp, user who initiated the order, and so, in the audit log.

  • System-run activities that are part of workflows in Paragon Automation. For example, committing the configurations defined in the network implementation plan on devices as part of the onboarding workflow by using the NETCONF protocol. Such tasks are recorded in the audit logs as system-initiated tasks even though the workflow is initiated by the user during the onboarding process.

    Also, activities that are part of the provisioning workflows of L3VPN, L2VPN, and L2Circuit services are also recorded in the Audit Logs page. The audit log includes information such as time the workflow was initiated, workflow run ID, the user who created the service order, and so on.

Audit logs are useful in tracking and maintaining a history of user-initiated and system-run activities.

Note:
  • Audit logging does not track device-initiated activities.

  • Audit logs are cleared every 30 days.

Superusers and network administrators can view and filter audit logs to determine which users performed which actions at what time.

For example, a superuser or network administrator can use audit logs to see who:

  • Added user accounts on a specific date.

  • Accessed the organization and at what time.

  • Updated or deleted an event (alert or alarm) template.

  • Added or deleted a site.