Audit Log API
- Skip Ahead to
- Overview
- How to use the audit log API
- Event categories
- Retention period
- Accessing audit Logs
Overview
Asana’s Audit Log API provides admins in Enterprise organizations access to an immutable log of key events across their organization. Using the Audit Log API, super admins can capture and act upon important security and compliance related changes.
How to use the Audit Log API
Super admins in Enterprise organizations can use Asana’s Audit Log API to:
- Set up proactive alerting with a Security Information and Event Management (SIEM) tool like Splunk
- Conduct reactive investigations when a security incident takes place
- Visualize key domain data in aggregate to identify security trends
Event categories
Asana’s audit log API includes dozens of events, including:
- Key changes made by admins in the admin console such as
workspace_export_started
,workspace_password_requirements_changed
, anduser_workspace_admin_role_changed
- Critical user access events such as
user_login_succeeded
,user_login_failed
,user_invited
,andteam_member_added
- Deletion events such as
task_deleted
,task_undeleted
, andportfolio_deleted
- Export events such as
project_csv_export_initiated
andworkspace_teams_export_started
- Data and asset management events, such as
attachment_uploaded
andattachment_downloaded
For a full list and details around the API endpoint, visit the API documentation
Retention period
Asana stores audit logs for 90 days from the date of capture. Those who would like a longer retention period may choose to use their SIEM or another storage solution for continuous log ingestion.
Accessing the audit log API endpoint
Audit logs are accessible to super admins of Enterprise organizations via service accounts.
To see a detailed description of the audit log API endpoint, check out our developer documentation here.
To learn more about using Asana’s audit log API via Asana’s Splunk integration, visit Splunkbase to begin the installation process.