Audit is the immutable record of activity across your workspace. Every meaningful change — to applications, policies, scans, approvals, and security events — is logged with who did it, when, and why. It's your accountability layer and a ready source of compliance evidence.
What you'll see
- Activity events across applications, policies, scans, and security.
- Actor and reason — who took each action and the context behind it.
- Retention and export controls — how long records are kept and how to export them for an auditor.
How to use it
Use Audit to answer "what happened here?" — whether you're investigating an unexpected change, preparing for an audit, or confirming a decision. Filter to the area, time range, or actor you care about, then export the result as evidence.
Why it's immutable
The audit trail is append-only — entries can't be edited or deleted. That's what makes it trustworthy as evidence: a record that could be changed after the fact wouldn't satisfy an auditor, and wouldn't help you either.