Action log
  • 20 Jul 2023
  • 1 Minute to read
  • PDF

Action log

  • PDF

Article Summary

Action Log is nothing but an audit log of actions taken. Traceable captures all the actions carried out by you in the Administration () → Account Action log menu. The action log is available in the following two categories:

  • Traceable - This category captures all the actions that are taken by Traceable, for example, threat actor status change, threat actor severity change, and so on.
  • User related - This category captures all the actions taken by user, for example, log in, log out, and so on.

The action log entries are collected from all the environments and a maximum of 1-week old changes can be viewed. 

You can also select the category of actions to filter based on whether the action was carried out by you (the user) or Traceable. The actions carried out by Traceable are denoted by the Traceable icon ().

Following is a list of types of action logs that are captured for both the categories:

  • Data classification configuration change
  • Data collection activity
  • Notification configuration change
  • Protection configuration change
  • Team user change
  • Threat activity severity change
  • Threat activity status change
  • User login
  • User logout

All the actions available in action log are also available to generate Notifications, except Logged threat activity and blocked threat activity. These two are excluded from the action log as they are part of the Protection Threat activity page as shown below.

Threat actor details from action log

You can view details about each log entry of action log. You can view all the events generated by a threat actor by clicking on the displayed IP address or the username in the log entry. Traceable displays the Activity Log of that threat actor or attacker in the Protection Threat actors section.

You can also navigate to Traces from the action log to view all the traces that are generated by the threat actor. Click on the filter button to navigate and view the traces for the threat actor for the date when the log entry was made.


Was this article helpful?

What's Next