Skip to content
English
  • There are no suggestions because the search field is empty.

Is there an Audit Trail in Edgescan?

Yes, each asset has an audit trail associated with it where you can view all of the key events associated with an asset.

Version Number: v1.0.2

Published Date: 12 Nov 2025

____________________________________________________________________________

The audit trail is available in the asset page in the below location.

It presents as a timeline of key events like the below.

Data that is captured in the audit trail is below. If there are additional data points you require please let your Edgescan sales rep know and they'll request them from the product development team.

Organization

  • URL: /api/v1/organizations/<ID>/field_changes.json

  • Tracks changes to: status, default_blackout_timetable_id, name

  • Includes changes to these child resources: slas (see below for list of tracked fields)

Asset

  • URL: /api/v1/assets/<ID>/field_changes.json

  • Tracks changes to: asm_enabled, assessment_frequency, name, next_assessment_date, hostname, priority, status, scanning_schedule_id, disable_reason

  • Includes changes to these child resources: location_specifiers, credentials, api_descriptors, assessments (see below for list of tracked fields)

Assessment

  • URL: /api/v1/assessments/<ID>/field_changes.json

  • Tracks changes to: task_status

Vulnerability

  • URL: /api/v1/vulnerabilities/<ID>/field_changes.json

  • Tracks changes to: status, severity_mod, threat_mod

User

  • URL: /api/v1/users/<ID>/field_changes.json

  • Tracks changes to: last_login_time, status, username, email, organization_id, phone_number, mfa_enabled, first_name, last_name

  • Includes changes to these child resources: permissions (see below for list of tracked fields)

Credential

  • URL: /api/v1/credentials/<ID>/field_changes.json

  • Tracks changes to: username, role, scope, auth_protocol, description, primary, type, login_url, ntlm_domain, password

  • Tracks changes in sensitive mode to: password, ntlm_domain

Location Specifier

  • URL: /api/v1/location_specifiers/<ID>/field_changes.json

  • Tracks changes to: location, location_type, asset_id

Permission

  • URL: /api/v1/permissions/<ID>/field_changes.json

  • Tracks changes to: granted, resource, scope, value, scoped_id, organization_id

API Descriptor

  • URL: /api/v1/api_descriptors/<ID>/field_changes.json

  • Tracks changes to: api_info, api_path, base_path, controllers, file_location, host, model_definitions, parameter_definitions, schemes, server_urls, source_tool_name, swagger_version, status, location_specifier_id

SLA

  • URL: /api/v1/slas/<ID>/field_changes.json

  • Tracks changes to: organization_id, score_range_start, score_range_end, max_open_time, score_type

Scheduled Task

  • URL: /api/v1/scheduled_tasks/<ID>/field_changes.json

  • Tracks changes to: status

Tagging

  • URL: /api/v1/taggings/<ID>/field_changes.json

  • Tracks changes to: tag_id, resource_type, resource_id, category, identifiable_name

Pause Schedule

  • URL: /api/v1/pause_schedules/<ID>/field_changes.json

  • Tracks changes to: name, description, timezone, organization_id

Pause Window

  • URL: /api/v1/pause_windows/<ID>/field_changes.json

  • Tracks changes to: recurrence_rule, timezone