Advanced Server Access allows you to communicate within your team by keeping detailed logs of a wide range of configuration, enrollment, authentication, and authorization events that occur within the product and on your servers. Examples of this are details concerning who is attempting connections, when they took place, team settings changes, and issued credentials. Audited events are listed in the Audits tab for every user, operating system, and project in your team.
To view a list of all audited events, from your Advanced Server Access dashboard, go to Logging and click Audits. The Audits page appears.
Advanced Server Access retains audit log events for 90 days. If you wish to archive audit log events for a longer period of time, Okta recommends that you ingest them into your security event information management (SEIM) solution. This can be accomplished by integrating with the ASA Audit Log API.
The Audits page displays the following information for each event:
- Resource - The user or resource that was affected.
- Action - What action was taken, whether it was accessing a resource or issuing credentials.
- Related Info - What project or server this action took place.
- Actor - Who committed the action.
- Date - When the action took place.