Audit Logs provide a single source of all user activity within a Fulcrum plan. These logs can be monitored, reviewed, or exported by users with the owner system role to perform your own analysis. An audit trail can be used to prevent suspicious activity if actively monitored, or to playback account activity during an incident review.
Accessing audit logs
To access the audit logs, start on the Fulcrum homepage.
Click the red gear icon in the upper-right and select "settings"
On the settings page, click the Audit Logs tab
Filtering and Sorting
You can filter the audit log table to limit the results for specific sources, actions, members, or IP addresses. You can also provide a date range, which can be used in conjunction with the other filters.
To sort the audit log table, click on the header of the column that you wish to sort by.
The audit log table includes the following fields for reviewing account activities:
Source: The type of log entry (export, data_export, membership, layer, project, audit_log, role, form, data_share, classification_set, authorization, choice_list, import, organization, webhook).
Action: The action that was logged (update, create, permission_update, download, delete, reset, share_enabled, share_disabled, update_credit_card, plan_change, billing_emails_change, update_storage, add_credit, change_default).
Description: A brief description of the logged activity.
Member: The name associated with the user account that performed the action.
IP Address: The Internet Protocol address of the device that triggered the action.
Location: The approximate IP location from the device which triggered the action.
You can export the filtered results in the audit table by using the export button that is located in the upper right corner of the page just, above the table and filter options.
Below is a list of the sources and corresponding actions that are logged.
Organization: Update, Plan Change, Billing Email Change, Credit Card Change
Membership: Create, Update, Delete, Role Change, Permission Update
Role: Create, Update, Delete
Authorization (API Key): Create, Update, Delete, Reset
Export: Create, Download, Delete
Data Export: Create, Download, Delete
Import: Create, Delete
Form: Create, Update, Delete, Permission Update, Shares Enabled/Disabled
Data Share: Enabled, Disabled
Choice List: Create, Update, Delete
Classification Set: Create, Update, Delete
Project: Create, Update, Delete, Permission Update
Layer: Create, Update, Delete, Permission Update
Webhook: Create, Update, Delete
Audit Log: Export
Bulk Action: Delete
Audit logs are available on Enterprise plans.