Auditing your Redox platform

Last updated: Mar 1, 2024

If you're a risk-conscious organization that has third-party requirements for security, observability, and transparency, our platform auditing is for you.

With Redox auditing, you can troubleshoot or monitor any potential risks within your Redox organization. You can do all of this programmatically with the Redox Platform API. Auditing helps you implement automated, proactive risk mitigation within your Redox organization.

Who can use auditing

Auditing is an advanced feature for any Redox product:

  • Redox Nexus™
  • Redox Access™
  • Redox Chroma™ EMPI powered by Verato
  • Redox Nova™

Once you've upgraded your plan to include this advanced feature, auditing is available to any Redox organization owner.

What events can you audit

With our Platform API endpoints, you can audit these kinds of events in your Redox organization:

  • user activity, like:
    • who views log payloads;
    • when a user creates, updates, or deletes an API key (either OAuth or legacy); or
    • when a user creates, updates, or deletes a source or destination in your system.
  • user access, like:
    • when a user sends an invitation for a new user to join the organization;
    • when a new user accepts an invitation to join the organization; and
    • when a user modifies another user's permissions, whether granting or revoking access.

User activity events

In more technical terms, review the available user activity audit events.

| Audit event | Description |
| --- | --- |
| organization-loaded | Describes any time a user opens (i.e., loads) a Redox organization. This could be when a user automatically logs in to an organization or when a user switches to a different organization. In a nutshell, this is when an organization's details are loaded for any reason, whether in the Redox dashboard or via API. |
| log-payload-viewed | Describes who viewed which logs and when. |
| log-search | Describes who searched for which logs, including metadata and payloads. |
| oauth2-api-key-operation | Indicates when a user creates, updates, or deletes an OAuth API key. |
| legacy-api-key-operation | Indicates when a user creates, updates, or deletes a legacy API key. |
| endpoint-operation | Indicates when a user creates, updates, or deletes a destination configured to receive data within a Redox organization. |
| customer-filter-operation | Indicates when a user creates, updates, or deletes a filter for a subscription in a Redox organization. |
| translation-set-operation | Indicates when a user creates, updates, or deletes a translation set within a Redox organization. |
| translation-set-link-operation | Indicates when a user creates, updates, or deletes a translation set link within a Redox organization. |
| value-set-operation | Indicates when a user creates, updates, or deletes a value set within a Redox organization. |

User access events

In more technical terms, review the available user access audit events. Also, learn about role assignments to understand user roles and related access.

| Audit event | Description |
| --- | --- |
| user-invited | Shows when a user is invited to join a Redox organization. |
| user-joined | Shows when a new user accepts an invitation to join a Redox organization. |
| user-org-role-changed | Shows when an organization owner updates their own or other users' role assignments to perform functions within a Redox organization. Depending on the role assignment, a user's permissions could be elevated or lowered after this event. |
| user-removed | Shows when an organization owner removes a user's role assignment within a given organization. Without an organization role, a user has zero access to the given organization, meaning they won't even be able to see it exists. |
| user-env-role-changed | Shows when an organization owner or admin updates their own or other users' role assignments to perform functions within a given environment. Depending on the role assignment, a user's permissions could be elevated or lowered after this event. |
| user-env-role-removed | Shows when an organization owner or admin removes a user's role assignment within a given environment. Without an environment role, a user has zero access to the given environment, meaning they won't even be able to see it exists. |

Audit event statuses

When you view these audit events, they'll have an associated status, which could be any of the following:

| Audit event status | Description |
| --- | --- |
| attempted | A user tried to perform a given action in a Redox organization, but we're not sure how it turned out yet. This is an interim state, and it could change to any of the other statuses to indicate the terminal state. |
| unauthorized | A user was logged in to a Redox organization but didn't have the correct role assignment to complete the action. |
| unauthenticated | A user wasn't logged in to a Redox organization when trying to complete the action. |
| failed | A user tried to complete an action but wasn't successful for some reason. |
| successful | A user tried to complete an action and was successful. |
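One way to triage these events once you have pulled them, as an added example that is not Redox's own code: it resolves the interim `attempted` status to its terminal status, queues successful access and API key changes for review, and flags users with repeated denied actions. The record fields (`id`, `time`, `actor`, `event`, `status`), the idea that an event's later status shares its `id`, and the threshold are assumptions, not the Platform API's response schema.

```python
from collections import Counter

# Event names and statuses are the ones listed on this page.
ACCESS_CHANGES = {"user-invited", "user-joined", "user-org-role-changed",
                  "user-removed", "user-env-role-changed", "user-env-role-removed"}
KEY_CHANGES = {"oauth2-api-key-operation", "legacy-api-key-operation"}
DENIED = {"unauthorized", "unauthenticated"}
TERMINAL = DENIED | {"failed", "successful"}

def rec(id, time, actor, event, status):
    # Assumed record shape; the real API response fields may differ.
    return {"id": id, "time": time, "actor": actor, "event": event, "status": status}

SAMPLE = [  # constructed records, not real Redox output
    rec("e1", "2024-03-01T10:00:00Z", "alice", "user-org-role-changed", "attempted"),
    rec("e1", "2024-03-01T10:00:01Z", "alice", "user-org-role-changed", "successful"),
    rec("e2", "2024-03-01T10:05:00Z", "bob", "log-payload-viewed", "unauthorized"),
    rec("e3", "2024-03-01T10:05:10Z", "bob", "log-search", "unauthorized"),
    rec("e4", "2024-03-01T10:05:20Z", "bob", "legacy-api-key-operation", "unauthorized"),
    rec("e5", "2024-03-01T10:06:00Z", "carol", "oauth2-api-key-operation", "attempted"),
    rec("e6", "2024-03-01T10:07:00Z", "dave", "log-search", "successful"),
]

def latest_state(records):
    """Keep one record per event id; a terminal status replaces 'attempted'."""
    state = {}
    for r in sorted(records, key=lambda r: r["time"]):
        prev = state.get(r["id"])
        if prev is None or prev["status"] not in TERMINAL or r["status"] in TERMINAL:
            state[r["id"]] = r
    return list(state.values())

def triage(records, denied_threshold=3):
    findings, denied = [], Counter()
    for r in latest_state(records):
        ev, st, who = r["event"], r["status"], r["actor"]
        if st == "attempted":
            findings.append(("pending", who, ev))   # no terminal status yet: re-check later
        elif st in DENIED:
            denied[who] += 1                        # count denials per user
        elif st == "successful" and ev in ACCESS_CHANGES | KEY_CHANGES:
            findings.append(("review", who, ev))    # access or key change took effect
    findings += [("denied-burst", who, n) for who, n in denied.items() if n >= denied_threshold]
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```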