Activity Log Auditing Overview

User activity log auditing allows you to trace the resource access activities of all users that are registered in IAM. For example, the activity where an OU admin created a user at a specific time will be logged into the system for your query. The analysis of activity logs helps you trace the dynamics of resource changes and audit for security compliance. Specifically, the activity log auditing helps to achieve the following objectives:

  • Security analysis: When security issues occur for accounts and resources, the activity log can help you diagnose the cause of the issues. An event record is created for each user or resource activity. It contains comprehensive information such as who accessed which resource at what time and from where. These data will help you identify security risks and violations.

  • Resource dynamics tracing: Traces resource change abnormalities. For example, when an access policy is deleted and all user accounts who are assigned this policy cannot access the relevant resources. In this case, you can trace who performed this action through the activity log.

Key Concepts

  • Event: An event is an action that a user performs through the EnOS Management Console or API on a certain resource. Each user or resource change activity is logged as an event record.