Audit events

Okta Privileged Access provides detailed logs of various events related to configuration, enrollment, authentication, and authorization within the product and on your servers. This feature enables effective communication within teams by allowing them to monitor activities such as connection attempts, team settings changes, and issued credentials. The Audits tab lists all the audited events for each user, operating system, and project in your team.

Viewing audit events

To view a list of all audited events from your Okta Privileged Access dashboard, go to Logging and click Audits. The Audits page appears.

You can also view the audit events in the Okta System Log. For more information, seeAudit Events Integration with Okta System Log

Okta Privileged Access retains audit log events for 90 days. If you want to archive audit log events for a longer period, Okta recommends that you ingest them into your security event information management (SEIM) solution. This can be accomplished by integrating with the ASA Audit Log API.

The Audits page displays the following information for each event:

  • Resource - the user or resource that was affected.
  • Action - what action was taken, whether it was accessing a resource or issuing credentials.
  • Related Info - what project or server in which this action took place.
  • Actor - who committed the action.
  • Date - when the action took place.

Related topics