Axis Security provides admins with visibility regarding user connections to applications and their activities within the applications. These include file downloads, commands and more. The information provided is composed of events and sessions. Events are any action taken by the user in the system. The Log Streaming Service can send user activity log information to any third-party log analytics tool, such as Splunk and Syslog.
|Activity Log Field
|Application unique identifier
|Application name as configured in the Management Console
|The protocol used for accessing the application
|Whether the application was created in the User Portal or in the Management Console
|Address and port used to access the application when connecting through a local network
|A sentence describing the activity
|Event’s unique identifier. An event is described as any user activity in the system
|A user's activity within the application
|User’s country based on the IP
|Boolean field indicating whether the event was blocked (true) or allowed (false) by policy. Click here to learn more about policy rules.
|Authenticating IdP unique identifier
|List of groups in which the user is a member and are included in a policy rule
|Client’s device operating system
|Unique identifier for the policy rule that blocked/allowed the session
|Name of the policy rule that blocked/allowed the session
|Session unique identifier
|Axis tenant ID. Click here to learn about tenant management.
|Axis tenant name
|User unique identifier
|For Axis IdPs: username as configured. For third party IdPs: alias
|User’s name as appears in the IdP
Updated about 2 years ago