Audit Suite: API and Integration Support

Read more about Asana’s support for Audit Log, Security Information and Event Management (SIEM), Data Loss Prevention (DLP), eDiscovery, Archiving, and Cloud Access Security Broker (CASB) use cases.

Overview

Asana’s Audit Suite includes APIs and Apps that support your organization’s security and compliance posture. Asana currently offers:

1. An Audit Log API that captures over a hundred security-and-compliance events. This is accessible to Super Admins in Enterprise domains, with multiple options to leverage a Security Information and Event Management (SIEM) vendor.
2. Closed Enterprise APIs that support Data Loss Prevention (DLP), eDiscovery, and Archiving use cases; and several third-party integration partnerships in these areas.
3. Support for Cloud Access Security Broker (CASB) vendors.

If you are interested in connecting with a member of our team about Asana’s Audit Suite support, please fill out this form.

Audit Log API

Overview

Asana’s Audit Log API provides admins in Enterprise organizations access to an immutable log of key events across their organization. Using the Audit Log API, super admins can capture and act upon important security and compliance related changes.

How to use the Audit Log API

Super admins in Enterprise organizations can use Asana’s Audit Log API to:

1. Set up proactive alerting with a Security Information and Event Management (SIEM) tool like Splunk
2. Conduct reactive investigations when a security incident takes place
3. Visualize key domain data in aggregate to identify security trends

Event categories

Asana’s audit log API includes dozens of events, including:

1. Key changes made by admins in the admin console such as workspace_export_started, workspace_password_requirements_changed, and user_workspace_admin_role_changed
2. Critical user access events such as user_login_succeeded, user_login_failed, user_invited,and team_member_added
3. Deletion events such as task_deleted, task_undeleted, and portfolio_deleted
4. Export events such as project_csv_export_initiated and workspace_teams_export_started
5. Data and asset management events, such as attachment_uploaded and attachment_downloaded

For a full list and details around the API endpoint, visit the API documentation

Retention period

Asana stores audit logs for 90 days from the date of capture. Those who would like a longer retention period may choose to use their SIEM or another storage solution for continuous log ingestion.

Accessing the Audit Log API endpoint

Audit logs are accessible to super admins of Enterprise organizations via service accounts.

To see a detailed description of the audit log API endpoint, check out our developer documentation here.

To learn more about using Asana’s audit log API via Asana’s Splunk integration, visit Splunkbase to begin the installation process.

To learn more about using Asana’s audit log API via Asana’s Panther integration, visit their Asana Apps page.

Data Loss Prevention (DLP)

Customers may wish to regularly scan their Asana instances for data that affects or violates their organization-wide policies.

For example, an organization may wish to conduct a monthly audit to find any instances of passwords being inadvertently entered into Asana tasks.

For developers, Asana currently offers closed APIs that support Data Loss Prevention (DLP) use cases. Please fill out this form if you are interested in learning more.

For detail about Nightfall’s integration with Asana, visit their Asana Apps page.

eDiscovery

Customers may wish to pull data from Asana into a third-party eDiscovery tool to proactively plan for or reactively respond to litigation.

Asana offers closed APIs that support eDiscovery use cases. Please fill out this form if you are interested in learning more.

Visit Exterro’s and Hanzo's Asana Apps page to learn more about their third party integrations with Asana. Stay tuned for additional partnerships coming soon.

Archiving

Customers in highly-regulated industries may wish to regularly pull/store objects or events related to changes on objects in Asana.

Asana offers closed APIs that support Archiving use cases. Please fill out this form if you are interested in learning more.

Learn more about Theta Lake's integration with Asana by visiting their Asana Apps page.

Cloud Access Security Broker (CASB)

Customers may wish to control use of Asana via their Cloud Access Security Broker (CASB) provider. Asana currently offers a connector with Netskope and support in the Enterprise tier for setting approved workspaces. Please fill out this form if you’d like help integrating with a CASB provider that is not currently supported.

Please visit this article to learn more about managing approved workspaces.

For detail about Netskope’s integration with Asana, visit the Asana Apps page.

Export audit logs as a CSV file from the admin console

Super admins of Enterprise domains can now export audit logs for their organization directly from the admin console. Audit logs were previously only available via the API or Asana’s SIEM integrations with Splunk and Panther.

When choosing to initiate an export, super admins can select a date range for the export as well as a desired set of audit events.

A maximum of one export can be initiated at any given time within a domain. Audit events are retained for ninety days from capture.

To export an audit log as a CSV:

You will receive an email notification shortly after confirming your export request. Requests with large amounts of data can take up to 24 hours. You will receive your CSV file via email once complete.