Audit Logs

Note: Only users with an Administrator role can view Audit Logs.

Audit logs provide a record of creation, modification, or deletion tasks performed by Secure Client users in your Cisco XDR organization. It includes the IP address, action taken (Message), Operation, Target, Timestamp, and User details.

Choose Client Management > Audit Logs in the navigation menu to open the Audit Logs page.

Audit Logs page displaying a table of system events, including IP, message, operation, and user columns.

Click the (Settings) icon to open the Table settings drawer and check the check boxes next to the columns you want displayed in the table. You can reorder the columns by clicking the (Grabber) icon and dragging it to the desired position in the list.

Click Reset to default to reset the table column settings to its default values.

Edit Columns modal showing options to select and reorder columns for audit logs.