Security log¶
The audit log in Agora tracks administrative actions, supports incident response, and enables later security analysis. This section shows the history of operations users performed in the system.
Why the audit log matters¶
The audit log reconstructs who did what and when, supporting investigations, internal controls, and security reviews.
What the audit log shows¶
Each audit event shows:
- operation time;
- session ID;
- account that performed the action;
- event type;
- target object;
- extra data in
payload.
When linked objects exist, the UI can jump to:
- the session card;
- the user card;
- the stream;
- the streamer.
That speeds up moving from a log line to full context.
Search and filter controls¶
Controls include:
- date or time range;
- filter by event types.
Use them to:
- narrow to a period;
- focus on relevant operation classes;
- separate user actions, configuration changes, and security events.
Event types¶
Logged classes include:
- user login and logout;
- stream create, update, delete;
- streamer create, update, delete;
- account operations including lock.
The set may grow as the system and admin API evolve.
Paginated log loading¶
The log loads in chunks. When there are many rows, the UI loads additional pages sequentially.
That supports:
- large event volumes;
- lower UI load;
- comfortable sequential review.
Relation to sessions¶
The audit log links closely to user sessions. Each session can show related operations, and from the log you can open a session to continue analysis.
That helps with suspicious activity, admin change reviews, and per-login user behavior.