The Audit Logs system is a key functionality responsible for recording every important event in the system. It is used for security, audit purposes, and for monitoring compliance with regulations and internal policies.
Logs are saved in a uniform, standardized CEF (Common Event Format), which makes them easier to analyze by security tools and audit teams.
The system divides events into two main, logical categories, which helps quickly locate the relevant information.
| Log Category | Folder in the System | What does it record? |
| Authorization Logs | audit_logs/auth | Everything related to user access to the system (login, permissions, sessions, passwords). |
| Application Logs | audit_logs/app | Everything related to activities within the application (documents, workflow, system, security). |
- Audit and Compliance: Recording key events to meet legal requirements and internal security policies (e.g., GDPR, tracking access to sensitive data).
- Security Monitoring: Early detection and response to unusual or malicious activity (e.g., brute force attempts, session hijacking, privilege escalation attempts).
- Diagnostics and Analysis: Facilitating the identification of errors, configuration issues, or unauthorized actions.
The system uses a standardized CEF (Common Event Format) and provides differentiation of events by type (authorization, application) and context (e.g., company name: SSC, DEMO).
