Explanation of Settings

Every event is divided into different categories and is displayed in the audit log. These categories are explained in the table listed below.

Figure 1: Categories




Shows at which time the action was performed.


Shows which user has performed the action.


Shows the user for whom the action was performed.


Explains if an event has created, updated or deleted something. Success or failure indicate if a login was successful or not.


Shows if the action is a modification of the user setting, the deny or allow list, the credentials or the login.

Target path

Shows under which domain the user is created for whom the action is executed.

App ID

Shows the identification numbers of the applications which use the API. Applications can communicate with the Hornetsecurity Services via the API.

App version

Shows the version of the application which communicates with the API.


Shows the IP address of the user who performed the action.


Shows the path to the API endpoint which is used.

The categories Timestamp, User, Target, Action, and Event are displayed by default. Additionally you can activate the categories Target path, App ID, App version, IP,and URL. To do that, go to the chapter Selecting the Displayed Categories.