Audit Logs

Note: Only users with an Administrator role can view Audit Logs.

Audit logs provide a record of creation, modification, or deletion tasks performed by Secure Client users in your Cisco XDR organization. It includes the IP address, action taken (Message), Operation, Target, Timestamp, and User details.

Choose Client Management > Audit Logs in the navigation menu to open the Audit Logs page.

Audit Logs page displaying a table of system events, including IP, message, operation, and user columns.

Click the (Edit Columns) icon and check the boxes next to the column names to filter the columns that are displayed on the page. You can also drag and drop the column names in the order you want to view them in the table.

Edit Columns modal showing options to select and reorder columns for audit logs.