Skip to Content
SecurityAudit Logs

Audit Logs

Track all actions performed in your Zettabit system for security and compliance.

What are Audit Logs?

Audit logs record every significant action:

  • Who performed the action
  • What action was taken
  • When it occurred
  • What changed (before/after values)

Why Audit Logs Matter

Security

  • Detect unauthorized access
  • Investigate security incidents
  • Monitor suspicious activity

Compliance

  • Meet regulatory requirements
  • Demonstrate accountability
  • Provide evidence for audits

Operations

  • Track changes over time
  • Debug issues
  • Understand system usage

Accessing Audit Logs

  1. Go to Settings > Audit Logs
  2. Or click Audit Logs in sidebar (if available)

Required permission: audit:read

Log Entry Information

Each log entry contains:

FieldDescription
TimestampWhen the action occurred
UserWho performed the action
ActionWhat was done
ResourceWhat was affected
DetailsAdditional information
IP AddressWhere the action came from

Logged Actions

Authentication Events

ActionDescription
user.loginUser logged in
user.logoutUser logged out
user.login.failedFailed login attempt
user.2fa.enabledTwo-factor enabled
user.2fa.disabledTwo-factor disabled
user.password.changedPassword changed

Client Actions

ActionDescription
client.createNew client added
client.updateClient information modified
client.deleteClient removed

Subscription Actions

ActionDescription
subscription.createSubscription created
subscription.updateSubscription modified
subscription.deleteSubscription cancelled
subscription.renewSubscription renewed

Package Actions

ActionDescription
package.createPackage created
package.updatePackage modified
package.deletePackage removed

Server Actions

ActionDescription
server.createServer added
server.updateServer settings changed
server.deleteServer removed
server.syncManual sync triggered

User Management

ActionDescription
user.createUser created
user.updateUser modified
user.deleteUser removed
role.createRole created
role.updateRole permissions changed
role.deleteRole removed

Settings Changes

ActionDescription
settings.updateSystem settings modified

Filtering Logs

By Date Range

Select start and end dates to view logs from a specific period.

By User

Filter to see actions by a specific user:

  • Select user from dropdown
  • Or search by name

By Action Type

Filter by category:

  • Authentication
  • Clients
  • Subscriptions
  • Packages
  • Network
  • Users
  • Settings

By Resource

Find logs related to a specific record:

  • Client ID
  • Subscription ID
  • Server name

Searching Logs

Use the search box to find logs containing specific text:

  • User names
  • Client names
  • IP addresses
  • Action types

Viewing Log Details

Click on a log entry to see full details:

Example: Client Update

Action: client.update
User: admin@yourcompany.com
Time: 2024-01-15 10:30:45
IP: 192.168.1.100

Changes:
- name: "John Doe" → "John M. Doe"
- phone: "01712345678" → "01712345679"

Exporting Logs

Export logs for external analysis or compliance:

  1. Set your filters
  2. Click Export
  3. Choose format (CSV, JSON)
  4. Download file

Exports respect your current filters.

Log Retention

Logs are retained based on your settings:

SettingRetention
Standard90 days
Extended1 year
Compliance7 years

Configure in Settings > Advanced > Data Retention.

Best Practices

Regular Review

  • Check logs weekly for unusual activity
  • Set up alerts for critical actions
  • Review failed login attempts

Incident Investigation

When investigating:

  1. Identify the timeframe
  2. Filter by affected resource
  3. Review all related actions
  4. Check who was involved
  5. Document findings

Compliance Audits

For audits:

  1. Export logs for the audit period
  2. Include authentication events
  3. Show access to sensitive data
  4. Demonstrate access controls

Troubleshooting

Missing logs

  • Logs for actions before implementation won’t exist
  • Check date range filter
  • Verify your permissions

Log shows wrong user

  • User might have been impersonated by admin
  • Check for API key usage
  • Review session information

Too many logs

  • Use filters to narrow down
  • Export and analyze externally
  • Consider increasing retention granularity

Required Permissions

ActionPermission Required
View logsaudit:read
Export logsaudit:read

Typically available to Admin and Manager roles.

Last updated on
Active Sessions