Journalization

Journalization (Audit Trail) records in real-time all security events occurring on the platform: logins, SSO authentications, Shadow IT detections, password entries, Bastion approvals, etc. These data can be accessed from various contexts to facilitate investigations and audits.

Main Page

Access the global journalization from the Journalization menu in the admin sidebar.

00.audit-trail-overview

Filter by Event Type

The Event Types button allows you to display only certain categories.

Filter events by type using the "Event Types" menu

Available types include:

SmartLink / Extension Connection — success, failure, or denial
Saved / Shared Password
Detected Shadow IT / Blocked Form
Bastion — approval request, successful authentication, denial

Each event type can be enabled or disabled to refine the view: connections, passwords, Shadow IT, Bastion approvals, etc.

Search for an Event

Use the search bar to filter events by user, application, device, or any other data visible in the table.

info

Clicking on a row in the User, Application, or Device column automatically adds a contextual filter for that value, without leaving the page.

From a User's Profile

Journalization is also accessible directly from a user's profile, to display only events related to that user.

05.audit-trail-filtered-by-user

From an Application's Profile

Each application has its own Journalization tab, which lists all events related to that application.

From an application's profile, the "Journalization" tab displays all events related to that application

07.audit-trail-filtered-by-app

From a Folder's Page

The Journalization tab of a folder displays all events from the applications and members associated with that folder.

From a folder's page, the "Journalization" tab lists all events related to the applications and members of that folder

09.audit-trail-filtered-by-folder

Main Page​

Filter by Event Type​

Search for an Event​

From a User's Profile​

From an Application's Profile​

From a Folder's Page​