In this article

• Global audit log
• Project audit log
• threat and countermeasure audit logs

Permissions required

• ALL_USERS_AUDIT_LOG_VIEW (global)
• USER_AUDIT_LOG_VIEW (specific to that user)
• PROJECT_AUDIT_LOG_VIEW (project level scope)

Instructions

IriusRisk provides powerful auditing tools within our application via the usage of the audit log.

This is available at multiple different levels of scope of the application.

If we want to view the audit log at a global level, navigate to settings > Audit Log.

From here, we can see many audit log entries.

This can be very powerful, but as with many things, too much data can be overwhelming, so we can combat this with the usage of filtering and sorting.

We can filter by many different filters for example the event_type as shown below:

We can also filter by user, project, timestamp etc.

We can then sort by ascending/descending by clicking on the numerous fields at the top.

As you may notice, a significant number of the audit log entries are of event type = 'Issue tracker synchronized', so you may wish to filter this out when you want a concise view of a project log for example.

If you wish, we also have an option to remove the logging of these entirely via settings > User interface:

 
We also hold an audit log on a project level:

threat level:

and countermeasure level:

Related articles:

• How long are audit logs kept inside IriusRisk UI
• How do I find out who changed my threat model