Usage guide: Nexthink audit log monitoring

This page outlines various ways to use the pack, including use case examples.

Administrators can refer to the Configuration guide: Nexthink audit log monitoring to set up and customize the installed content.

The Nexthink audit log monitoring library pack enables EUC teams to:

  • Provide insight into the tracking and recording of user activities and system changes for security purposes.

  • Audit logs provide a detailed account of actions taken within the Nexthink platform, such as user logins, permission alterations, and system configurations. By documenting user actions, Nexthink audit logs help establish accountability, allowing organizations to pinpoint who made specific changes.

  • The audit trail codes used in this section apply to Nexthink Infinity and require specific permission to query audit logs. The Configuration guide: Nexthink audit log monitoring section provides more details on the configuration and content dependency.

Library pack uses

Jump to Use cases on this page to see relevant scenario applications.

Use the library pack content for the following purposes:

Gain visibility and control into changes made to the Nexthink tenant.

Visibility

The Nexthink audit log monitoring live dashboard is the starting point of this library pack. The dashboard is organized into four tabs:

  • The System and admin tab provides information about the system audit trails, user admin audit trails, and product configuration audit trails.

  • The Remote actions tab provides detailed information on "Remote action management" and "Remote action triggers."

  • The Product feature tab provides comprehensive information about the audit logs for campaigns, live dashboards, alerts, investigations, workflows, custom fields and applications.

  • The Other audit trails details tab provides information about other product configurations and displays audit log data not visible in other tabs.

You can filter the information displayed on the dashboards using the filter at the top of the screen to include one or more account names or to filter by one or more categories.

Monitoring

Identifying events through audit logs helps track all activities occurring within the Nexthink platform. If any unauthorized modifications, deletions, or actions are detected, the user roles can be reviewed to ensure proper management of each user's allowed actions.

Use cases

Remote action management

This section displays the number of remote actions created, modified, and deleted. It offers insights into all remote action configurations performed within the Nexthink platform. By monitoring these changes, you can identify suspicious activities and take proactive measures to safeguard sensitive information.

Regular auditing of remote actions enhances security and ensures compliance with organizational policies.

The details table provides a detailed description to help you understand the audited event, its timestamp, and the user account from which it was executed.

Campaigns

This section shows the number of campaigns that have been created, modified, and deleted. Monitoring these changes allows for the efficient management of the enterprise strategies and ensures that all campaigns align with organizational objectives and compliance requirements.

The details table provides a detailed description to help you understand the audited event, its timestamp, and the user account from which it was executed.


RELATED TOPICS

Last updated