Audit Log

The audit log allows Admin level users to look back at changes that have been made in your Kondukto instance. This is useful when you need to troubleshoot a problem or if you need to keep a record of important events, such as changes to global permissions.

The log can be filtered by date, event category, event name and username under the filters.

For Enterprise plan customers of Kondukto, the retention period of the audit log can be configured under global settings as 1 month, 3months or 6 months.

For Pro plan customers, the retention period is set to 1 month.

The system automatically runs a clean up and deletes any log entries that are older than the time frame you’ve set.

The following events can be tracked on the audit log.

Projects
Add Project
Delete Project
Update Project

Products
Add Product
Delete Product
Update Product

Scans
New Scan
Re-scan
Start Instant Scan,
Get Failed Scan
Cancel Scan

Imports
Import File
Import Scan

Scanners
Add Scanner
Update Scanner
Delete Scanner
Change Scanner Status

Users
Get User By ID
Add User
Update User
Delete User
Update Password
Update Status
Update Login Type
Log in
Log out
Failed login attempts

Teams
Add Team
Update Team
Delete Team

Settings
Add Settings
Update Settings
Delete Settings
Add Issue Criteria
Update Issue Criteria
Delete Issue Criteria
Add CI/CD Security Criteria
Update CI/CD Security Criteria
Delete CI/CD Security Criteria
Add Suppression Rule
Update Suppression Rule
Delete Suppression Rule
Add Alert Rule
Update Alert Rule
Delete Alert Rule
Add Remediation (Remediation DB)
Update Remediation (Remediation DB)
Delete Remediation (Remediation DB)
Add Report
Update Report
Delete Report
Add Infra Profile
Update Infra Profile
Delete Infra Profile
Add Infra Group
Update Infra Group
Delete Infra Group

Vulnerabilities
Issue opened for vulnerability
Issue closed for vulnerability
Change severity
Change CVSS score
Marked as false positive
Unmark false positive
Marked as risk accepted
Unmark risk accepted
Add comment