Audit Trail Event Types
Feedback
Print
- Last UpdatedJan 21, 2025
- 4 minute read
The list of audit trail event types for Imperva Cloud Application Security.
Types |
---|
A-records changed |
ABP Account created |
ABP Account updated |
ABP Website Group priorities updated |
ABP Account credentials created |
ABP Account credentials deleted |
ABP Website Group created |
ABP Website Group updated |
ABP Website Group deleted |
ABP Website created |
ABP Website updated |
ABP Website priorities updated |
ABP Website deleted |
ABP Website encryption key created |
ABP Website encryption key deleted |
ABP Condition created |
ABP Condition updated |
ABP Condition deleted |
ABP Policy created |
ABP Policy udpated |
ABP Policy deleted |
ABP Configuration published |
Account 1-day cancellation notification sent |
Account activated |
Account admin changed |
Account bandwidth exceeded |
Account data cleanup completed successfully |
Account default TLS configuration updated |
Account deleted |
Account edit event |
Account locked |
Account moved |
Account notifications email changed |
Account removed |
Account removed due to trial expiration |
Account roles deleted |
Account signup |
Account signup |
Account SSO error |
Account support of all TLS versions changed |
Account unlocked |
Add-on trial ended |
Add-on trial started |
API key created |
API key deleted |
API key disabled |
API key edited |
API key enabled |
API key reset |
Approved IP addresses |
ASN added |
ASN deleted |
Assets added to policy |
Assets removed from policy |
Available account added to policy |
Available account removed from policy |
Backdoor added |
Backdoor removed |
BGP added |
BGP changed |
Black list item added |
Black list item removed |
Bot configuration changed |
Cache mode changed |
Cache purged |
Cache rule added |
Cache rule disabled |
Cache rule edited |
Cache rule enabled |
Cache rule removed |
Cache Shield settings changed |
Client CA certificate uploaded |
Client CA certificate deleted |
Client CA certificate updated |
Client CA certificate assigned to website |
Client CA certificate removed from website |
Client CA certificate site configuration changed |
Compress logs settings changed |
Configuration changed |
Configuration changed to multi data centre |
Connection added/created |
Connection changed/updated |
Connection deleted |
Custom SSL added |
Custom SSL removed |
Data storage region changed |
Delivery rule disabled due to plan downgrade |
Details changed |
Detection policy updated |
Domain added |
Domain deleted |
Domain state changed |
Email change verification mail sent |
Email changed |
Email verified |
Encryption disabled |
Error page template changed |
Exception changed |
Exception deleted |
Failed to change cache mode |
Failed to change email |
Flow exporter added |
Flow exporter changed |
Flow exporter deleted |
HSTS configuration changed |
HTTP/2 configuration changed |
IP changed |
IP range diverted |
IP range reverted |
Log configuration created |
Log configuration deleted |
Log configuration updated |
Log connection created |
Log connection deleted |
Log connection updated |
Logged in as customer account user |
Logged out of customer account user |
Login |
Login attempt by unauthorized IP address |
Login Protect activated |
Login Protect disabled |
Login Protect Google Authenticator verification failed |
Login Protect Google Authenticator verified |
Login Protect invitation |
Login Protect phone verified |
Login Protect phone verified failed |
Login Protect user edited |
Login Protect user removed |
Login Protect user revoked |
Log collector API key changed |
Log collector config deleted |
Log collector config status changed |
Log collector item deleted |
Log configuration deleted |
Log connection created |
Log connection deleted |
Log connection updated |
Log format settings changed |
Log integration migrated |
Log integration rolled back |
Manual certificate deleted |
Manual certificate uploaded |
Max log size settings changed |
New CSR generated |
New logs collector API key created |
New log collector config created |
New log collector item created |
Password changed |
Password forgotten |
Password reset by admin user |
Policy added |
Policy cloned |
Policy deleted |
Policy modified |
Policy status modified |
Policy modified, exception added |
Policy modified, exception saved |
Policy of IP range updated |
Protected IP over Layer 2 added |
Protected IP over Layer 2 changed |
Protected IP over Layer 2 deleted |
Remove SSL complete |
Remove SSL start |
Request for account data cleanup |
Role assigned |
Role assignment deleted |
Role created |
Role deleted |
Role updated |
Rollover time settings changed |
Route option deleted |
Rule added |
Rule disabled |
Rule enabled |
Rule edited |
Rule priority changed |
Rule priority fixed |
Rule removed |
Rule reverted |
SAN CAA records fixed |
SAN expiration notice sent |
SAN removed |
SAN undeleted |
SAN validation method changed |
Seal location changed |
Secure Resources settings changed |
Security policy updated |
Sent unavailable storage email notification |
Server added to datacenter |
SIEM configuration resources purged |
SIEM notification email pushed |
Single IP added |
Single IP changed |
Single IP deleted |
Site advanced security rule configuration changed |
Site cache settings changed |
Site configured |
Site created |
Site delivery settings changed |
Site delivery settings restored to default |
Site enabled |
Site in extended SSL validation |
Site is disabled |
Site log level changed |
Site moved |
Site moved account |
Site moving process started |
Site notifications settings changed |
Site origin servers settings changed |
Site port forwarding changed |
Site reached the maximum number of allowed backdoor URLs |
Site removed |
Site security configuration changed |
Site server disabled |
Site state changed |
Site support of all TLS versions changed |
Site's POPs blacklist changed |
Site's POPs whitelist changed |
Specific resources purged |
SSL added |
SSL process started |
SSL selected |
SSO account configuration created |
SSO account configuration updated |
SSO protocol configuration created |
SSO protocol configuration updated |
Static route added |
Static route changed |
Subdomain added |
Subdomain deleted |
System message set |
Two factor authentication by email |
Two factor authentication by Google Authenticator failed |
Two factor authentication by Google Authenticator verified |
Two factor authentication by phone failed |
Two factor authentication by phone verified |
Two factor authentication by SMS |
Two factor authentication disabled |
Two factor authentication enabled |
Two factor authentication failed |
Two factor authentication passed |
[WARNING] Unauthorized IP address. Note: This is a warning message only. API requests from the unauthorized IP address will not be blocked until the actual change is implemented on September 29, 2024. For more details, see the July 28, 2024 Release Notes. |
User added to account |
User failed to sign-in |
User login via SSO failed |
User permissions changed |
User removed from account |
User roles deleted |
User sign-in |
User successfully logged in via SSO |
Waiting room added |
Waiting room deleted |
Waiting room updated |
Weekly account report read |
Weekly account report sent |
Last updated: 2025-01-21