The descriptions and names of available log fields in
a SaaS Security API administration activity log.
The admin audit log is generated when a SaaS Security
API administrator performs an action such as the remediation of
an incident, creating a new policy rule, or adding internal or external
collaborators. The log includes the following fields, which are
available for ingestion by your Security information and event management
Fields are listed in the order that they are needed for push
Time the incident was discovered in
with Augmented Backus-Naur Form (ABNF) to indicate the timezone.
Serial number of the organization using
the service (tenant).
Type of log. In this case,
Email account associated with the SaaS Security
Role assigned to the administrator:
IP address of the administrator who performed
Type of configuration change:
Name of the item that changed in the configuration.
Type of item in the configuration that changed:
Name of the field associated with the configuration change.