Audit Logs for Multi-Org Deployments
In Multi-Org deployments, audit events are carefully segmented between parent and child organizations to ensure clear accountability and data integrity.
Audit Log Visibility
The following table outlines the relationship between users, actions, and audit log visibility within a Multi-Org environment. It distinguishes between users of the parent organization, who can operate across multiple organizations, and users of the child organization, who are limited to their individual subscriptions. The table highlights how actions by users are tracked and made visible in audit logs, depending on whether the actions occur within the parent organization or within specific child organizations.
Environment | User Association | Description | Audit Log Visibility |
|---|---|---|---|
Parent organization | Parent organization | Actions by users from the parent organization operating in the parent organization | Parent organization |
Child organization | Child organization | Actions by users from an individual child organization operating in the child organization | Child organization |
Child organization | Parent organization | Management actions in a child organization by users from the parent organization | Parent organization |
At the discretion of the parent organization, audit events may be shared with the child organization. To do so, use a third-party tool or set up a webhook to send logs directly to a child organization's webhook collector.
Subscription Details in Audit Logs
To accurately capture the context of each event within either the parent or child organization, audit logs include the following fields:
subscription_code– Unique identifier for the subscription.subscription_name– Stores the subscription name or subdomain name as appropriate.