Skip to main content

Audit logs overview

View audit logs through Hex or stream to your own SIEM provider.

Audit logs are a record of the activities that occurred in the Hex platform, intended for use by security and compliance teams. They capture actions that are pre-defined in the Hex product, including activities related to projects, collections, cells, users and more. For a complete list of events captured in audit logs, please see the Audit log event reference page.

info
  • Available on the Enterprise plan
  • Only workspace Admins can access audit logs

Accessing audit logs

Audit logs are located in Settings under Access and Security. Once in the audit log page, click the button to enable audit logs for the workspace.

With audit logs enabled, you have the option to view audit logs through WorkOS or configure log stream to your Security Information and Event Management (SIEM) provider.

View audit logs

Hex uses WorkOS as the user interface for audit logs. Once they are enabled in Hex, clicking the “View audit logs” button will take you to the WorkOS page with your logs. Within the WorkOS interface, you will see each event along with the actor and date and time. Clicking into the log will provide a JSON with details about the event. You also have the option to Export the logs as a CSV.

The UI shows audit log records from the past thirty (30) days.

Configure log stream

Audit logs can be configured to stream directly to your Security Information and Event Management (SIEM) provider for you to monitor and work with alongside events from other cloud services. This also gives you control over how much historical data you want to keep.

Hex supports streaming to Amazon S3, Datadog, Splunk, and Google Cloud Storage. Click on “Configure log stream” and follow the step by step instructions provided by WorkOS to set up the stream for your SIEM or cloud storage provider.