Logs
Grizzle ZT-PAM stores all access events, password management operations, Safe modifications, and user activities as auditable logs.
This page allows administrators to view all recorded events across the system under two main categories:
- Audit Logs – User logins/logouts, token expiry, authentication events
- Safes Audit Logs – Safe creation, updates, permission changes, and other Safe-related activities
General Logs Structure
The Logs interface lists a chronological record of all actions performed within the system.
Each entry includes details such as who performed the action, when, from which system, and what operation was executed.
This enables administrators to centrally monitor all user behaviors, session activities, and Safe changes.
Audit Logs
This tab displays user activities and authentication-related events.
| Field | Description |
|---|---|
| Username | The name of the user who performed the action. |
| IP Address | The client IP address from which the action was executed. |
| Log Type | The type of log (e.g., User, System, Authentication). |
| Action Type | The specific action performed (e.g., Login Success, Login Failure, Token Expired). |
| OS/Browser | The operating system and browser information used during the session. |
| Time (UTC+03) | The timestamp of when the event occurred. |
| Detail | Opens a detailed view of the selected log entry. |
Filtering Options
Users can filter log entries based on the following criteria:
- Username – Display events related to a specific user
- IP Address – View activities from a specific client
- Log Type – Separate logs by category (User, System, or Security)
- Action Type – Filter by specific actions (e.g., login success, failure, expired token)
- Date/Time – Analyze events within specific date ranges
These filtering capabilities allow quick and efficient tracing of events during audit or incident analysis.
Safes Audit Logs
This tab lists Safe and Safe Permission activities within the Vault.
Each change is recorded with details about who made it, from which IP, and on which Safe it occurred.
| Field | Description |
|---|---|
| Username | The user who performed the change. |
| IP Address | The client address where the action originated. |
| Log Type | The type of event (e.g., Safe, Safe Permission). |
| Action Type | The specific action performed (e.g., Create, Update, Change Permission). |
| Safe Name | The name of the Safe affected by the action. |
| OS/Browser | The operating system and browser used during the session. |
| Time (UTC+03) | The timestamp of the event. |
| Detail | Displays detailed information for the selected log. |
Example Actions
- Safe Create: A new Safe was created.
- Safe Update: Safe details (e.g., description, access policy) were modified.
- Change Permission: User or group permissions on the Safe were updated.
This section is essential for tracking who made which changes on which Safe.
Screen Controls
The Logs interface includes advanced data control tools:
| Control | Description |
|---|---|
| Add Filter | Adds a custom filter field to refine search results (e.g., username + date). |
| Refresh Time | Sets the automatic refresh interval for the log list. |
| Density | Adjusts row spacing (compact / comfortable view). |
| Save / Reset | Saves or resets the applied view layout. |
| Columns | Manages which columns are visible in the table. |
| Search | Performs quick text-based searches. |
These tools make it easy to analyze log data for both operational monitoring and audit purposes.