Administration Guide

About Logs

AlloyScan provides operational and security logs that record what happened on a Site and across the instance. There are 5 site-level logs plus 3 global logs — eight log surfaces in total.

How logs are organized

Site-level logs (under Admin Center > Site Settings > Logs) record events that occur within the boundaries of one Site:

  • Audit log — audit operations and their outcomes.
  • Scan log — scan operations and their outcomes.
  • Notifications log — notification emails queued or sent for Site users.
  • Change log — configuration changes inside the Site (segments, users, tags, reports, notification templates, and so on).
  • Security log — authentication events and platform-security events.

Global logs (under Admin Center > App management > Logs) record events at instance scope and aggregate across Sites where applicable:

  • Notifications log — instance-wide view of notification queue.
  • Change log — cross-Site configuration changes; this view adds a Site column so the originating Site is identifiable.
  • Security log — instance-wide authentication and platform-security events.

The three global logs share an event surface with their site-level counterparts: any event recorded in a Site Notifications / Change / Security log surfaces in the corresponding global log.

Log coverage

Change and Security logs may not include every system-initiated operation. Use these logs to review user and administrator activity, but do not treat them as a complete record of all background system activity.

Why this design

Splitting logs by domain (Audit / Scan / Notifications / Change / Security) makes it practical to pivot on the right axis when investigating an incident. Splitting by scope (per-Site versus instance-global) lets a Site Administrator review tenant-bound activity without seeing other tenants, while a Global Administrator can correlate across the whole fleet.

Audit log export

From the Audit log grid, you can export all grid records in CSV or XLSX format.

Open an Audit log entry to view its device-level records. From the opened log, you can download the log as a TXT file or export all records in CSV or XLSX format.

Limitations

  • Security log retention is 90 days. The other log types are retained for 30 days.
  • Log grids share the default 1000-row cap with Inventory grids; use Load all sparingly.