KUMA audit events

Audit events are created when certain security-related actions are completed in KUMA. These events are used to ensure system integrity.

To view audit events, go to the Events section in KUMA and add "SELECT * FROM 'events' WHERE Type=4" to the query.

As a result of executing the query, audit events are displayed in the Events section if the user role allows viewing audit events.

In this section Event fields with general information User was successfully signed in or failed to sign in User login successfully changed User role was successfully changed Other data of the user was successfully changed User successfully logged out User password was successfully changed User was successfully created User role was successfully assigned User role was successfully revoked The user has successfully edited the set of fields settings to define sources User access token was successfully changed Changed the set of spaces to differentiate access to events Service was successfully created Service was successfully deleted Service was successfully reloaded Service was successfully restarted Service was successfully started Service was successfully paired Service status was changed Storage partition was deleted by user Storage partition was deleted automatically due to expiration Storage partition was deleted automatically or moved due to exceeding the storage capacity. Active list was successfully cleared or operation failed Active list item was successfully changed, or operation was unsuccessful Active list item was successfully deleted or operation was unsuccessful Active list was successfully imported or operation failed Active list was exported successfully Resource was successfully added Resource was successfully deleted Resource was successfully updated Asset was successfully created Asset was successfully deleted Asset category was successfully added Asset category was deleted successfully Settings were updated successfully Tenant was successfully created Tenant was successfully enabled Tenant was successfully disabled Other tenant data was successfully changed Updated data retention policy after changing drives The dictionary was successfully updated on the service or operation was unsuccessful Response in Active Directory Query sent to KIRA KICS/KATA response Kaspersky Automated Security Awareness Platform response KEDR response Importing MITRE ATT&CK techniques and tactics

Page top