Logs

The Logs page gives an overview of of every user action in SEON, including login information, viewing of transaction details, state changes, blacklisting, whitelisting and adding notes.

Each log entry includes all relevant information for further investigation including any relevant transaction ID, IP address of the user and the date & time of the action. A link to the specific resource (transaction, user, rule etc.) is also available, if applicable. 

The user log can be reordered by clicking the column names along the top of the listing, and it can be filtered to logs for a specific user, action or date range. 

Detailed logs on each transaction can also be viewed on the Analyst Logs tab within the Transaction Details page itself.

A green checkmark appears next to approved logs.

The User Actions API is a SIEM integration tool that helps track and share team activity logs with your security and event management systems. It takes all entries from the Logs page within two timestamps specified in your API request and shares them with your systems.