4 mins, 42 secs read time
Have you ever noticed that your phone updated its software or settings, leaving you a little perplexed as to what changes were made, who made them and why?
On a much greater scale, we understand that many companies' security teams (from IT to data compliance) may want similar clarity into your hiring software – like who is accessing information and where they are accessing it from.
That’s why we built the new Greenhouse audit log.
What is an audit log?
Audit logs are detailed records that capture and document events occurring within an information system. They serve as a digital paper trail, offering insights into who did what, when and how. They are instrumental in maintaining accountability, tracking compliance with regulations, investigating security incidents and resolving disputes. By monitoring and analyzing audit logs, organizations can proactively identify vulnerabilities and unauthorized access or anomalous behavior, helping fortify their cybersecurity.
Whether you're in charge of IT security, data compliance or overall system management, understanding and effectively utilizing the Greenhouse audit log can greatly enhance your organization's data governance and security practices.
Importance of an audit log
Audit logs act as a watchtower over your digital environment. By recording every user action and system event, they help you monitor user actions and configuration changes, and report on any anomalous behavior. This proactivity allows you to take immediate action to mitigate risks and protect sensitive data.
In a world of evolving data protection regulations, audit logs are a critical asset for maintaining compliance. They provide the documentation needed to demonstrate adherence to industry standards and legal requirements. Organizations subject to regulations like GDPR, HIPAA or PCI DSS can rely on audit logs to showcase data handling practices and quickly respond to compliance audits.
When a security incident occurs, audit logs become invaluable forensic tools. They enable you to reconstruct events leading up to the incident, helping you pinpoint the source, scope and impact of the breach. This data is essential for assessing the extent of the damage, identifying affected systems and devising strategies to prevent future occurrences.
Components of an audit log
You can access the audit log with the Business Intelligence Connector or Greenhouse API.
Audit log results contain the following attributes in API and columns in Business Intelligence Connector:
Whether you use the audit log for a rolling record of historical changes or to target alerts to sensitive events, the basics will be the same:
- event_target_type: Use this attribute for isolating certain types of events and sensitive changes. For example, you might query "Job Info Changed" to find examples of this sensitive change:
select * from audit_log where event_target_type = 'Job Info Changed'
- request_id: If you want to investigate an event further, use the event's request_id to find linked audit log entries containing event details:
select * from audit_log where request_id = 'bbe330197ea'
- event_meta: Audit log results sharing a common request_id may include event meta as before and after values or other important details about the event. Check out the example queries below.
- event_time: Use the linked entries and the corresponding event times to produce a timeline of events.
- performer_id: Examine which Greenhouse Recruiting user or integration performed the event.
Best practices for audit log management
Managing audit logs effectively involves more than just collecting data. Here are some best practices to ensure the integrity and usefulness of your audit logs.
Secure storage and encryption
Store audit logs in a secure log management system. Implement encryption to protect the logs from unauthorized access or tampering.
The Greenhouse audit log offers a record of important events in your Greenhouse Recruiting environment from the previous 30 days. We recommend that you set a schedule to back up your audit log every 30 days to ensure that you don’t lose out on any metadata.
Define retention periods for your audit logs based on regulatory requirements and business needs. Purge outdated logs to free up storage space while maintaining compliance.
Detect sensitive changes in Greenhouse Recruiting, like when job posts or candidates are deleted. Use audit log results to monitor events such as:
Access and permission changes
Audit user access and permission changes in Greenhouse Recruiting.
Resolving user disputes
Settle disputes by providing an objective record of user actions in Greenhouse Recruiting. This documentation can help clarify misunderstandings and come to resolutions regarding user error.
Challenges and considerations
Balancing data volume and retention
Storing large volumes of audit logs can be resource-intensive. Strike a balance between retaining logs for compliance and performance considerations.
Ensure that the information captured in audit logs aligns with privacy regulations. Avoid collecting excessive personal data that isn't relevant to security monitoring.
While audit logs can reveal system vulnerabilities, they also highlight user mistakes. It's essential to approach incidents with a focus on improvement rather than blame.
A well-implemented audit logging system provides a detailed, chronological account of events that can be invaluable in investigating incidents, demonstrating compliance and improving overall system integrity.
Embrace the power of the Greenhouse audit log and leverage it to fortify your data protection efforts.
If you're interested in learning more about the new Greenhouse new audit log, please check out the support center and reach out to your account manager.