Audit Indexes

Audit indexes provide event logs on account activities, allowing you to monitor and audit changes. Query the indexes to find a wide variety of information on your account activity.

You can also view data from audit indexes in dashboards when you install these apps:

Sumo Logic Audit App. Displays data from the Audit Index.
Enterprise Audit Apps. Display data from the Audit Event Index.
Sumo Logic Infrequent Data Tier App and Sumo Logic Enterprise Search Audit App. Display data from the Search Audit Index.
Sumo Logic Flex App. Display data from the Search Audit Index.

note

Availability of the indexes differs according to your account type. To enable access to audit indexes, go to Administration > Security > Policies.

Guide Contents

In this section, we'll introduce the following concepts:

Audit Index

Collect event logs in plain text on account activities, such as account management, user activity, scheduled searches, and alerting.

Search Audit Index

Collect event logs on search activities in your account.

Audit Event Index

Collect event logs in JSON format on account activities for a wide range of actions.

System Event Index

Collect event logs in JSON format on system activities.

Documentation for Audit Log Definitions

See Audit Event Log Definitions documentation for audited events.

Guide Contents​