For any organization handling sensitive data, maintaining a clear and comprehensive audit trail is not just a best practice—it’s often a requirement for security compliance (like HIPAA and SOC 2). Our audit events provide a complete record of all significant actions taken within your Redox organization.
- Answer "who did what, and when?": Securely log all user activity, from viewing a log containing PHI to changing a user’s permissions.
- Monitor for security risks: Proactively track events like failed login attempts or unauthorized access to confidential data.
- Troubleshoot issues: See a step-by-step history of configuration changes to understand how and when a problem occurred.
- Automate compliance: Use the Redox Platform API to programmatically pull audit events into your own security and compliance monitoring tools. Review the Get audit events spec.
Auditing is an advanced feature. Once you’ve upgraded your plan to include it, auditing is available to Redox organization owners.
Our auditing feature tracks two major categories of events:
- User activity: An action a user takes that could affect your organization’s configuration or assets.
- User access: An action a user takes related to user accounts and permissions.
For user activity, for example, you can track who:
- creates, updates, or deletes any connectivity settings (e.g., OAuth API keys, sources, or destinations);
- views or modifies any data operations (e.g., translation sets, filters, config modifiers); and
- views or searches logs, as well as runs log inspector.
For user access, for example, you can track when a user:
- logs in or switches between Redox organizations;
- invites a new user to join the organization; and
- changes another user’s role assignment.
When you review audit events, they’ll have an associated status, which could be any of the following:
Audit event status | Description |
---|---|
attempted | A user tried to perform a given action in a Redox organization, but we’re not sure how it turned out yet. This is an interim state, and it could change to any of the other statuses to show the terminal state. |
unauthorized | A user was logged in to a Redox organization but didn’t have the correct role assignment to complete the action. |
unauthenticated | A user wasn’t logged in to a Redox organization when trying to complete the action. |
failed | A user tried to complete an action but wasn’t successful for some reason. |
successful | A user tried to complete an action and was successful. |
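The status model above lends itself to a simple monitoring pass once audit events have been pulled into your own tooling. The following is an added example, not Redox code: it collapses each event to its terminal status, counts denied or failed events per user, and lists `attempted` events that never reached a terminal state. The record field names, the sample data, and the assumption that an event id can appear more than once as its status changes are all hypothetical.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

TERMINAL = {"unauthorized", "unauthenticated", "failed", "successful"}
DENIED = TERMINAL - {"successful"}

# Constructed sample records. The field names (id, user, action, status, time)
# are hypothetical placeholders, not the schema of the Redox Platform API.
def make_event(eid, user, action, status, hhmmss):
    return {"id": eid, "user": user, "action": action, "status": status,
            "time": f"2024-05-01T{hhmmss}+00:00"}

SAMPLE = [
    make_event("evt-1", "a@example.org", "log.view", "attempted", "10:00:00"),
    make_event("evt-1", "a@example.org", "log.view", "successful", "10:00:01"),
    make_event("evt-2", "b@example.org", "role.update", "unauthorized", "10:01:00"),
    make_event("evt-3", "b@example.org", "apikey.delete", "unauthorized", "10:02:00"),
    make_event("evt-4", "b@example.org", "log.search", "attempted", "10:03:00"),
    make_event("evt-4", "b@example.org", "log.search", "unauthorized", "10:03:01"),
    make_event("evt-5", "c@example.org", "login", "attempted", "10:04:00"),
    make_event("evt-6", "a@example.org", "login", "failed", "10:05:00"),
]

def resolve(events):
    """Keep one record per event id; a terminal status replaces 'attempted'."""
    resolved = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        prev = resolved.get(ev["id"])
        if prev is None or prev["status"] not in TERMINAL:
            resolved[ev["id"]] = ev
    return resolved

def review(events, now, stale_after=timedelta(minutes=15), threshold=3):
    """Return (users with >= threshold denied/failed events, stale attempted ids)."""
    resolved = resolve(events).values()
    denied = Counter(e["user"] for e in resolved if e["status"] in DENIED)
    noisy = {user: n for user, n in denied.items() if n >= threshold}
    stale = sorted(e["id"] for e in resolved if e["status"] == "attempted"
                   and now - datetime.fromisoformat(e["time"]) > stale_after)
    return noisy, stale

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 30, tzinfo=timezone.utc)
    print(review(SAMPLE, now))
```

The threshold and the 15-minute staleness window are illustrative values; tune both to your organization's normal activity.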