How to review Audit Services

This guide shows you how to review the Audit Services registered for the current Site and decide whether a service is healthy, stale, outdated, or scheduled for deletion.

Use this workflow at:

Admin Center > Site Settings > Tasks and services > Audit services

Scope

This is a per-Site workflow for Site Administrators. Audit Services belong to one Site and execute scan and audit tasks for that Site.

Prerequisites

You are signed in as a Site Administrator.
At least one Audit Service has been installed for the Site.

Steps

Open Admin Center > Site Settings > Tasks and services > Audit services.
Review the service list.
Open a service row to inspect the detail modal.
On the General tab, confirm the service identity and heartbeat fields.
On the Credentials tab, review the credential pool assigned to this service.
On the Tasks tab, review work assigned to this service.

Key columns

Column	What to look for
Name	Expected host name for the service machine.
IP address	Last address the service reported from.
Last active	Recent heartbeat. Stale values usually mean the service is offline or blocked.
Version	Service version. A lagging version can be marked as outdated.
Updater version	Auto-updater version.
Expiration date	Populated when the service is scheduled for deletion.

When to take action

Signal	Action
Last active is stale	Check whether the service process is running on the host and whether it can reach the AlloyScan instance.
Service is marked outdated	Update or reinstall the Audit Service package.
Expiration date is populated unexpectedly	Confirm whether the service was manually scheduled for deletion or aged out through inactivity cleanup.
Tasks remain queued	Review Active Tasks and confirm that at least one Audit Service is active.

Verify

The service has a recent Last active value.
The service is not unexpectedly scheduled for deletion.
New scan or audit work moves from Active tasks into the Scan log or Audit log.