Use the Audit Log

The Audit Log allows you to track BigPanda configuration changes from within the UI.

When multiple users are working in the BigPanda platform, it’s vital to see historic information on system configuration changes. The Audit Log enables BigPanda admins to keep track of configuration change actions across the BigPanda platform. Using the Audit Log, admins can search for specific actions and filter the list of actions based on criteria such as timeframe, users, and action categories.

BigPanda audit logs reports on Create, Update, and Delete actions for these resources:

  • Enrichment V1 Custom Tags
  • Correlation Patterns
  • Environments
  • Users

Additional resources within BigPanda will be coming to the audit logs soon.

Audit Logs can also be accessed via API. See the Audit Logs API documentation for more information.

Key Features

  • View a list of configuration changes and actions that occurred within BigPanda.
  • Determine which user made a configuration change to the system.
  • Sort and drill down into specific actions.
  • Filter logs and search for a specific action.


Roles with the following permissions can access the Audit Logs screen:

Audit_logs_ReadRead only - View the Audit Log page

To learn more about how BigPanda's permissions work, see the Roles Management guide.

View the Audit Log

The Audit Log can be accessed from within BigPanda at Settings > Audit Log. The following information appears in the Audit Log screen:

UserThe name and email address of the user associated with the action.
ActionThe action that took place. Possible actions include Created, Updated, or Deleted.
CategoryThe screen in BigPanda where the action took place.
Object NameThe name of the object that was changed as part of the action.
DateThe date and time that the action took place.

To view additional details, click any action in the list on the Audit Log page. Detailed information about the changed object and the user who made the change appears on the page.


The Audit Log can be filtered by User, Action, Category, Object Name, or Date to adjust your results.

To filter the Audit Log, select one of the options above the Audit Log table. Depending upon the filter selected, choose an option from the drop-down menu, or type into the box to narrow the results. Multiple filters can be applied at the same time.

To remove all filters, click Clear All.


The Audit Log can be filtered by User, Action, Category, Object Name, or Date to change the order of your results. From within the Audit Log table, select one of the options from the top of each column to change the sort order.

Sort is turned off when you are drilled down into a log. To change sort options for the list, collapse the selected log by clicking the down arrow in the log detail ribbon.