Audit Log
The audit log provides a complete, immutable record of all operations performed in your Tenuo Cloud account. Use it for compliance, debugging, and security monitoring.
Viewing the Audit Log
Navigate to Audit Log in the sidebar to see recent events.
Event Information
Each audit entry includes:
| Field | Description |
|---|---|
| Timestamp | When the operation occurred (UTC) |
| Actor | Who performed the operation (user, API key, or service account) |
| Action | What operation was performed |
| Resource | The affected resource (key, revocation, etc.) |
| Result | Success or failure |
| IP Address | Source IP of the request |
| Details | Additional context about the operation |
Filtering Events
Use filters to find specific events:
- Time Range: Last hour, 24 hours, 7 days, 30 days, or custom
- Actor: Filter by user, API key, or service account
- Action: Filter by operation type
- Resource Type: Keys, revocations, API keys, etc.
- Result: Success or failure
Audit Event Types
Key Operations
| Action | Description |
|---|---|
key.create | Key was created |
key.rotate | Key was rotated |
key.revoke | Key was revoked |
key.suspend | Key was suspended |
key.enable | Suspended key was re-enabled |
Revocation Operations
| Action | Description |
|---|---|
revocation.create | Revocation was created |
revocation.delete | Revocation was deleted |
srl.regenerate | SRL was regenerated |
srl.export | SRL was exported |
API Key Operations
| Action | Description |
|---|---|
api_key.create | API key was created |
api_key.revoke | API key was revoked |
api_key.delete | API key was deleted |
Authentication Events
| Action | Description |
|---|---|
auth.login | User logged in |
auth.logout | User logged out |
auth.failed | Authentication attempt failed |
Exporting Audit Logs
Export audit logs for external analysis or compliance:
- Set your desired filters
- Click Export
- Choose format (JSON or CSV)
- Download the file
Exports are limited to 10,000 events. Use date filters to export larger ranges in batches.
Retention
Audit logs are retained for:
- Standard: 90 days
- Enterprise: 1 year (configurable)
Contact support to discuss extended retention requirements.
Security Monitoring
Use the audit log to detect security issues:
Unusual login patterns
Look for logins from unexpected IP addresses or at unusual times.
Bulk operations
Multiple key revocations or deletions in a short time may indicate compromise.
Failed authentication
Repeated auth.failed events may indicate a brute force attack.
Privilege escalation
Watch for API keys being created with admin scope unexpectedly.
Integrations
SIEM Integration
Export audit logs to your SIEM system:
- Set up a webhook for audit events
- Forward events to your SIEM (Splunk, Datadog, etc.)
- Create alerts based on patterns
Compliance Reports
Generate compliance reports:
- Filter by date range and resource type
- Export to CSV
- Include in your compliance documentation
Best Practices
Review regularly
Schedule weekly reviews of audit logs for unusual activity.
Set up alerts
Use webhooks to alert on critical events like key revocations.
Export for compliance
Regularly export audit logs for compliance documentation.
Correlate with other logs
Cross-reference audit events with your application logs for full context.