Audit Log

Track all actions in your organization with the comprehensive audit log.

The audit log provides a complete, immutable history of all actions taken within your team. It is essential for compliance, accountability, and troubleshooting.

Accessing the audit log

Navigate to Audit Log in the sidebar. The log shows the most recent actions first.

What is tracked

Every significant action is recorded:

Entity types

  • Product: Created, updated, or deleted
  • Release: Created, updated, or deleted
  • SBOM: Uploaded or deleted
  • Vulnerability: Created during scanning
  • Disposition: Created or updated during triage
  • VEX Document: Created, submitted, approved, rejected, or published
  • Published Disclosure: Created during publication

Actions

  • Created: A new entity was added
  • Updated: An existing entity was modified
  • Deleted: An entity was removed
  • Submitted: A VEX document was submitted for review
  • Approved: A VEX document was approved
  • Rejected: A VEX document was rejected back to draft
  • Published: A VEX document was published as a disclosure
  • Locked: A release was locked during VEX review
  • Unlocked: A release was unlocked after VEX rejection

Log entry details

Each audit log entry shows:

  • Action icon: Color-coded icon indicating the action type
  • Action: What was done (Created, Updated, Deleted, etc.)
  • Entity: The type and name of the affected entity
  • Actor: Who performed the action (name and email)
  • Time: When the action occurred (relative timestamp)

Filtering

You can filter the audit log by:

  • Entity type (Product, Release, SBOM, etc.)
  • Action (Created, Updated, Deleted, etc.)

Pagination

The audit log shows 50 entries per page with Previous/Next navigation controls.

CSV export

To export the audit log for external analysis or compliance records:

  1. Click the Export CSV button in the top-right corner of the audit log page
  2. The CSV file downloads immediately

The exported CSV includes columns for: timestamp, action, entity type, entity ID, entity name, actor email, actor name, and changes.

You can also filter the export by date range and entity type using query parameters on the export URL.
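Once exported, the CSV can be replayed offline to check the VEX review workflow. The following is an added example, not code from the product: it flags VEX documents approved by the same person who submitted them and documents published with no recorded approval. The column header names, the ISO 8601 timestamp format, and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import datetime

# Constructed sample export. Header names and the ISO 8601 timestamp format are
# assumptions; adjust them to match the header row of your real export.
SAMPLE_CSV = """timestamp,action,entity_type,entity_id,entity_name,actor_email,actor_name,changes
2024-05-02T10:00:00+00:00,Published,VEX Document,vex-2,Gateway 1.4 VEX,carol@example.com,Carol,
2024-05-01T09:05:00+00:00,Approved,VEX Document,vex-1,Agent 2.0 VEX,alice@example.com,Alice,
2024-05-01T09:00:00+00:00,Submitted,VEX Document,vex-1,Agent 2.0 VEX,alice@example.com,Alice,
2024-05-01T08:00:00+00:00,Submitted,VEX Document,vex-2,Gateway 1.4 VEX,bob@example.com,Bob,
2024-05-01T08:30:00+00:00,Rejected,VEX Document,vex-2,Gateway 1.4 VEX,carol@example.com,Carol,
2024-05-03T11:00:00+00:00,Submitted,VEX Document,vex-3,CLI 0.9 VEX,bob@example.com,Bob,
2024-05-03T12:00:00+00:00,Approved,VEX Document,vex-3,CLI 0.9 VEX,Carol@Example.com,Carol,
2024-05-03T12:30:00+00:00,Published,VEX Document,vex-3,CLI 0.9 VEX,carol@example.com,Carol,
"""


def review_vex_workflow(csv_text):
    """Return (entity_id, finding) tuples for VEX workflow violations."""
    rows = [r for r in csv.DictReader(io.StringIO(csv_text))
            if r["entity_type"] == "VEX Document"]
    # The UI lists newest first; sort oldest first so state is replayed in order.
    rows.sort(key=lambda r: datetime.fromisoformat(r["timestamp"]))

    state = {}  # entity_id -> {"submitter": email or None, "approved": bool}
    findings = []
    for r in rows:
        doc = state.setdefault(r["entity_id"], {"submitter": None, "approved": False})
        actor = r["actor_email"].strip().lower()
        action = r["action"]
        if action == "Submitted":
            doc.update(submitter=actor, approved=False)
        elif action == "Rejected":
            # Rejection sends the document back to draft, so reset the review.
            doc.update(submitter=None, approved=False)
        elif action == "Approved":
            doc["approved"] = True
            if doc["submitter"] == actor:
                findings.append((r["entity_id"], "approved by its submitter"))
        elif action == "Published" and not doc["approved"]:
            findings.append((r["entity_id"], "published without a recorded approval"))
    return findings


if __name__ == "__main__":
    for entity_id, finding in review_vex_workflow(SAMPLE_CSV):
        print(f"{entity_id}: {finding}")
```

Run this against an export that is not narrowed by date range, because a filtered export can cut off the approval that preceded a publication and produce a false finding.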

Immutability

Audit log entries cannot be modified or deleted. This ensures the integrity of your compliance records and provides a trustworthy trail for auditors.