With Anaplan Audit, you can track audit events from your Anaplan tenant. You can then use these events in technology such as a SIEM (Security Information and Event Management) product for alerting and tracking purposes.
Anaplan Audit provides you with up to 30 days worth of logs for specified events in your organization, including:
- Encryption logs — available if your organization uses Bring Your Own Key (BYOK).
- User activity audit logs.
- Access control audit logs.
- Connection Management audit logs — available if your organization uses single sign-on (SSO).
- CloudWorks™ integration audit logs — available if your organization uses CloudWorks.
- PlanIQ audit logs — available if your organization uses PlanIQ.
- Workflow audit logs — available if your organization has a Workflow entitlement.
With Audit, you can retrieve audit event information from the Anaplan public REST APIs and the Anaplan Administration console. Anaplan Audit is intended as a delivery mechanism for audit logs. Audit enables you to pull audit information frequently. You can then use your own technology to filter, analyze, and store your logs. Note that Anaplan Audit isn't designed to be a permanent repository of audit events.
To use Audit (including the Audit API), you must have Audit enabled in your tenant and you must be assigned the Tenant Auditor role. Your tenant administrator can assign users the Tenant Auditor role.
If Audit isn't enabled for your tenant, you can view and assign the Tenant Auditor role. However, tenant auditors have no authorizations until Audit is enabled.