System Logs
View, filter, and export audit logs, system events, and API access logs from the Aurva platform.
System Logs provide a tamper-evident record of everything that happens on the Aurva platform -- administrative actions, system events, and API access.
Log Categories
| Category | What It Records |
|---|---|
| Audit Logs | User actions: login/logout, policy changes, finding resolution, role assignments |
| System Events | Platform health: agent connectivity, scan completion, upgrade events, errors |
| API Access | API calls: endpoint, caller identity, request method, response status, timestamp |
Viewing Logs
Navigate to Settings -> System Logs to access the log viewer. Use the filters to narrow results:
- Category -- Audit, System, or API
- Time range -- last hour, day, week, or custom
- User -- filter by the actor who performed the action
- Action type -- e.g.
policy.created,user.login,scan.completed - Severity -- Info, Warning, Error
Log Details
Each log entry includes:
| Field | Description |
|---|---|
| Timestamp | UTC time of the event |
| Category | Audit, System, or API |
| Actor | User email or system component |
| Action | Machine-readable action code |
| Description | Human-readable summary |
| IP Address | Source IP (for user and API actions) |
| Status | Success or Failure |
Retention
Logs are retained in the Aurva console for 90 days by default. To retain logs longer:
- Export to Email & S3 using an alert route configured for audit events
- Forward to your SIEM for long-term storage and correlation
Export
Click Export in the log viewer to download the current filtered view as CSV or JSON. For automated export, configure an S3 alert route and enable the System Logs event type.
For compliance audits, combine System Logs exports with Audit Trail data from DAM to provide a complete evidence package.
Related Pages
- Access Management -- roles and SSO configuration
- Users -- manage user accounts
- Email & S3 -- long-term log archival to S3