Audit Indexes
Audit indexes provide event logs on account activities, allowing you to monitor and audit changes. Query the indexes to find a wide variety of information on your account activity.
You can also view data from audit indexes in dashboards when you install these apps:
- Sumo Logic Audit App. Displays data from the Audit Index.
- Enterprise Audit Apps. Display data from the Audit Event Index.
- Sumo Logic Infrequent Data Tier App and Sumo Logic Enterprise Search Audit App. Display data from the Search Audit Index.
- Sumo Logic Flex App. Displays data from the Search Audit Index.
Availability of the indexes differs according to your account type. To enable access to audit indexes, go to Administration > Security > Policies.
Guide Contents
In this section, we'll introduce the following concepts:
- Audit Index. Collect event logs in plain text on account activities, such as account management, user activity, scheduled searches, and alerting.
- Search Audit Index. Collect event logs on search activities in your account.
- Audit Event Index. Collect event logs in JSON format on account activities for a wide range of actions.
- System Event Index. Collect event logs in JSON format on system activities.
- Documentation for Audit Log Definitions. See Audit Event Log Definitions documentation for audited events.