Citrix Analytics for Security

Audit logs

An audit log describes audit information for events generated on Citrix Analytics. They can be system events such as errors, or an audit trail of configuration actions performed by the Citrix Analytics administrator.

Whenever a configuration is added, deleted, or updated, the event information is written to the audit log. This information is about what was modified, the time when it was modified, and who modified it.

You can view audit log information for the last three months.

Activities that generate audit events

The following events are registered on Citrix Analytics:

  • Errors generated

  • Transmission turned on

  • Transmission turned off

  • Data sources added

  • Data sources removed

  • Policies created

  • Policies updated

  • Policies deleted

Audit log events

How to view the audit log

To view audit logs, log on to Citrix Analytics. Navigate to Settings > Data Sources. On the Data Sources page, click Audit Log on the top right corner.

Navigate to Audit Log

How to use the audit log

You can use the audit log to review and be aware of any event on Citrix Analytics. Refresh the Audit Log page to fetch the latest audit data. The page displays the date and time when the audit data was last updated.

You can view the following audit information on the Audit Log page. You can also filter the audit data based on these fields.

  • Events. Events can be system generated or configurations applied by the administrator on Citrix Analytics. Events can also represent errors such as the failure to apply actions or a data source. By default, logs for all events are displayed. You can filter based on the type of event you want to view.

  • Date and Time. The data and time when the event occurred. You can filter based on the period for which you want to view the log. You can view events for the current day, last seven days, last 15 days, last month, and last three months.

  • Product. The product for which the event was generated. The events are generated on the product and aggregated on Citrix Analytics where they are displayed. You can filter the log based on one or more products.

  • Data Source. The name of the product instance associated with the audit entry. You can search for any specific data source to view its audit data.

  • By Admin. The Citrix Analytics administrator who performed the admin activities. You can search for activities performed by any specific administrator.

Audit log page

If your registered event was based on a policy, you can click the arrow icon to view more details such as:

  • Policy name

  • The specified condition

  • The resulting action

Audit log event policy details

Audit logs