{"id":2558,"date":"2025-07-02T12:44:04","date_gmt":"2025-07-02T12:44:04","guid":{"rendered":"https:\/\/zecurit.com\/help\/docs\/asset-manager\/settings\/security-compliance\/activity-log\/"},"modified":"2025-07-04T07:04:15","modified_gmt":"2025-07-04T07:04:15","slug":"activity-log","status":"publish","type":"docs","link":"https:\/\/zecurit.com\/help\/asset-management\/settings\/security-compliance\/activity-log\/","title":{"rendered":"Activity Log"},"content":{"rendered":"\n

The Activity Log<\/strong> in Zecurit is a powerful auditing tool that tracks every key action taken within your organization\u2019s environment. It helps administrators monitor system activity, trace security events, and ensure accountability across users, modules, and operations.<\/p>\n\n\n\n

\n

Only Admins and Super Admins can view and access the Activity Log.<\/p>\n<\/blockquote>\n\n\n\n

Key Capabilities<\/h2>\n\n\n\n
    \n
  • Complete audit trail<\/strong> of user and system actions<\/li>\n\n\n\n
  • Real-time visibility into who did what, when, and from where<\/li>\n\n\n\n
  • Supports filtering by module<\/strong>, user<\/strong>, log type<\/strong>, and date range<\/strong><\/li>\n\n\n\n
  • Helps identify suspicious activities or unauthorized changes<\/li>\n\n\n\n
  • Logs can be exported in CSV\/PDF for offline review or compliance reports<\/li>\n<\/ul>\n\n\n\n

    What is Logged?<\/h2>\n\n\n\n

    Every log entry captures critical metadata for full traceability:<\/p>\n\n\n\n

    Field<\/th>Description<\/th><\/tr><\/thead>
    Date & Time<\/td>When the action occurred<\/td><\/tr>
    User<\/td>The user who performed the action<\/td><\/tr>
    Module<\/td>The feature area involved (e.g., Enrollment, Settings, Reports)<\/td><\/tr>
    Remarks<\/td>Description of the action taken<\/td><\/tr>
    IP Address<\/td>Public IP of the user device<\/td><\/tr>
    Log Type<\/td>Info, Warning, Critical (based on severity)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

    Log Types and Severity<\/h2>\n\n\n\n
    Type<\/strong><\/th>Meaning<\/strong><\/th>Example<\/strong><\/th><\/tr><\/thead>
    Info<\/strong><\/td>Normal user actions and configuration updates<\/td>Role assignment, password change<\/td><\/tr>
    Warning<\/strong><\/td>Sensitive actions that may require attention<\/td>User deactivation, license deletion<\/td><\/tr>
    Critical<\/strong><\/td>Security-impacting or high-risk actions<\/td>MFA disabled, failed logins, agent uninstall<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

    Modules & Examples<\/h2>\n\n\n\n

    Below are common examples of actions logged by module:<\/p>\n\n\n\n

    Settings<\/strong><\/h3>\n\n\n\n
      \n
    • User invited or deleted<\/li>\n\n\n\n
    • Role or group modified<\/li>\n\n\n\n
    • Rebranding or group changes<\/li>\n\n\n\n
    • Data cleanup setting updated<\/li>\n<\/ul>\n\n\n\n

      Accounts<\/strong><\/h3>\n\n\n\n
        \n
      • User activated\/deactivated<\/li>\n\n\n\n
      • Password reset or changed<\/li>\n\n\n\n
      • Email address changed<\/li>\n\n\n\n
      • MFA enabled\/disabled<\/li>\n\n\n\n
      • Login attempt failures and account locks<\/li>\n<\/ul>\n\n\n\n

        Enrollment<\/strong><\/h3>\n\n\n\n
          \n
        • Agent installed or removed<\/li>\n\n\n\n
        • Connector added or deleted<\/li>\n\n\n\n
        • Domain added, edited, or removed<\/li>\n\n\n\n
        • Manual uninstall by end user<\/li>\n<\/ul>\n\n\n\n

          Inventory<\/strong><\/h3>\n\n\n\n
            \n
          • Scheduled scan created\/paused\/edited<\/li>\n\n\n\n
          • On-demand scan initiated<\/li>\n\n\n\n
          • Software license added\/edited\/deleted<\/li>\n\n\n\n
          • Export of inventory data<\/li>\n<\/ul>\n\n\n\n

            Reports<\/strong><\/h3>\n\n\n\n
              \n
            • Exported report file types (XLSX, CSV, PDF)<\/li>\n\n\n\n
            • Filters or date ranges used during export<\/li>\n<\/ul>\n\n\n\n

              Filtering and Searching<\/h2>\n\n\n\n

              Use filters to quickly locate specific events:<\/p>\n\n\n\n

                \n
              • By Module<\/strong>: Narrow down to actions within a feature<\/li>\n\n\n\n
              • By Log Type<\/strong>: Focus on warnings or critical events<\/li>\n\n\n\n
              • By Date Range<\/strong>: View activity within a specific period<\/li>\n\n\n\n
              • By User<\/strong>: Track actions of a particular user or technician<\/li>\n<\/ul>\n\n\n\n

                Exporting Logs<\/h2>\n\n\n\n

                You can export logs in CSV<\/strong> or PDF<\/strong> format for:<\/p>\n\n\n\n

                  \n
                • Internal audits<\/li>\n\n\n\n
                • Compliance evidence (GDPR, SOC2, etc.)<\/li>\n\n\n\n
                • Security investigations<\/li>\n<\/ul>\n\n\n\n

                  Security & Governance<\/h2>\n\n\n\n
                    \n
                  • All agent uninstall actions, logins, and security setting changes are tagged as Critical<\/strong><\/li>\n\n\n\n
                  • End-user actions (e.g., agent uninstall, password attempts) are also logged for accountability<\/li>\n\n\n\n
                  • IP restrictions and session events are tracked in conjunction with user logs<\/li>\n<\/ul>\n\n\n\n

                    Best Practices<\/h2>\n\n\n\n
                      \n
                    • Regularly review the activity log<\/strong> to detect suspicious or unauthorized actions<\/li>\n\n\n\n
                    • Use logs as evidence during compliance audits<\/strong> or security investigations<\/strong><\/li>\n\n\n\n
                    • Export monthly logs<\/strong> for backup or long-term record keeping<\/li>\n<\/ul>\n\n\n\n

                      Summary<\/h2>\n\n\n\n

                      The Activity Log helps Zecurit customers maintain visibility, accountability, and control over their environment. It\u2019s a critical tool for:<\/p>\n\n\n\n

                        \n
                      • Audit trails<\/strong><\/li>\n\n\n\n
                      • Security monitoring<\/strong><\/li>\n\n\n\n
                      • Change tracking<\/strong><\/li>\n\n\n\n
                      • Compliance evidence<\/strong><\/li>\n<\/ul>\n\n\n\n
                        \n

                        Always monitor your Activity Log, especially after role changes, security setting modifications, or user onboarding.<\/p>\n<\/blockquote>\n\n\n\n

                        <\/p>\n","protected":false},"featured_media":0,"parent":2553,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-2558","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2558","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/comments?post=2558"}],"version-history":[{"count":2,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2558\/revisions"}],"predecessor-version":[{"id":2625,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2558\/revisions\/2625"}],"up":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2553"}],"wp:attachment":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/media?parent=2558"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/doc_tag?post=2558"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}