Audit Logs
Audit logs provide a comprehensive record of all actions taken within DZDESK for security, compliance, and troubleshooting purposes.
What are Audit Logs?
Audit logs capture:
- Who performed an action
- What action was performed
- When it occurred
- What changed (before/after)
- Where (IP address, device)
Why Audit Logs Matter
Security
- Detect unauthorized access
- Investigate security incidents
- Monitor privileged actions
- Identify suspicious patterns
Compliance
- Meet regulatory requirements (KVKK, GDPR)
- Demonstrate access controls
- Support audit processes
- Maintain accountability
Troubleshooting
- Understand what changed
- Identify who made changes
- Track down issues
- Restore configurations
Logged Events
User Actions
| Event | Details Captured |
|---|---|
| Login | User, time, IP, success/failure |
| Logout | User, time, session duration |
| Password change | User, time (not the password) |
| Profile update | User, fields changed |
Request Actions
| Event | Details Captured |
|---|---|
| Create | Creator, all initial values |
| Update | User, field changes |
| Status change | User, old/new status |
| Assignment | User, old/new assignee |
| Comment added | User, comment type |
| Attachment added | User, file name, size |
| Delete | User, request snapshot |
Administrative Actions
| Event | Details Captured |
|---|---|
| User created | Admin, new user details |
| User modified | Admin, changes made |
| User deactivated | Admin, reason |
| Role changed | Admin, old/new role |
| Group modified | Admin, changes |
| SLA configured | Admin, settings |
| System settings | Admin, changes |
System Events
| Event | Details Captured |
|---|---|
| API access | Client, endpoint, response |
| Integration sync | Source, records affected |
| Scheduled jobs | Job type, status |
| Errors | Error details, context |
Viewing Audit Logs
Access Requirements
- Admin role required for full access
- Agents see limited logs (own actions)
- Viewers have no audit access
Navigation
- Go to Settings > Audit Logs
- Use filters to narrow results
- Click entries for details
Filtering Options
| Filter | Description |
|---|---|
| Date range | Start and end dates |
| User | Specific user's actions |
| Action type | Create, Update, Delete, etc. |
| Resource type | Request, User, Group, etc. |
| IP address | Actions from specific IP |
Log Entry Details
Each entry contains:
Timestamp: 2024-01-15 14:32:45 UTC
User: john.doe@company.com
Action: Request Updated
Resource: Request #1234
IP Address: 192.168.1.100
User Agent: Chrome/120.0 (Windows)
Changes:
- Status: "Open" → "In Progress"
- Assigned Agent: null → "jane.smith@company.com"
Retention Policy
Default Retention
- Audit logs retained for 2 years
- Configurable based on compliance needs
- Older logs archived or deleted
Compliance Requirements
| Regulation | Typical Requirement |
|---|---|
| KVKK | Minimum 2 years |
| GDPR | As long as necessary |
| SOC 2 | 1 year minimum |
| ISO 27001 | Per risk assessment |
Exporting Audit Logs
Export Options
- CSV format
- JSON format
- PDF reports
Export Process
- Apply desired filters
- Click Export
- Select format
- Download file
Scheduled Exports
Configure automatic exports:
- Daily, weekly, or monthly
- Email delivery
- SFTP upload
- Cloud storage
Security of Audit Logs
Tamper Protection
- Logs are append-only
- No deletion capability
- Cryptographic integrity
- Separate storage
Access Control
- Only Admins can view
- No log modification allowed
- Access to logs is itself logged
Using Audit Logs
Investigation Scenarios
Who changed this request?
- Filter by resource ID
- Find relevant entries
- View change details
What did this user do today?
- Filter by user
- Set date range
- Review actions
When was this setting changed?
- Filter by resource type
- Search for configuration
- Find change entry
Compliance Reporting
Generate reports for:
- Access reviews
- Change management
- Incident response
- Regulatory audits
Best Practices
Regular Review
- Review privileged actions weekly
- Check failed login attempts
- Monitor unusual patterns
- Investigate anomalies
Retention Management
- Define retention policy
- Archive before deletion
- Document retention decisions
- Test restoration process
Integration
- Forward to SIEM if available
- Set up alerts for critical events
- Include in security monitoring
- Correlate with other logs
Troubleshooting
Logs Not Appearing
- Check you have Admin role
- Verify date range filter
- Allow time for log processing
Cannot Export
- Check export permissions
- Verify date range is valid
- Try smaller date range
Missing Expected Events
- Some events may be batched
- Check filter settings
- Contact support if persistent
Related Topics
- Activity Logs - Request-specific history
- Security & Compliance - Security details
- KVKK/GDPR Notes - Compliance info