Audit Log Export
DataGrail's Audit Log Export feature enables you to export detailed activity logs from your DataGrail account to a cloud storage bucket. This allows you to integrate DataGrail activity data into your Security Information and Event Management (SIEM) system for comprehensive security monitoring, compliance reporting, and audit trail management.
SIEM Audit Logs are currently available for customers using DataGrail's Request Manager product.
Available Log Categories
DataGrail exports audit logs across five key categories to provide comprehensive visibility into privacy operations:
| Log Category | Description |
|---|---|
| Data Subject Requests Workflow Log | Captures request workflow state transitions (e.g., Extracting Personal Data, Pending Legal). |
| Integration Connection Log | Records user updates and changes to integrations on the Integrations page, including field modifications and integration removal. |
| Integration Log | Tracks API calls per integration during request processing phases, including third-party integrations, direct contact emails, and identifier retrieval. |
| Data Subject Requests Log | Documents all updates to privacy requests, corresponding to logs displayed in the Request Details Activity Logs. |
| Automated Workflow Log | Records changes to automated workflows, including publishing and unpublishing actions. |
Configuration
To begin exporting audit logs to your SIEM, you'll need to configure a cloud storage integration for audit log storage.
- Navigate to Integrations in the left-hand menu.
- Either select an existing cloud storage integration or create a new one.
Supported Cloud Storage Providers
The following Cloud Storage Providers are supported by DataGrail:
- Check the Audit Log Storage option.
- Complete the integration configuration and select Save Changes.
You can configure multiple cloud storage integrations for audit log storage. All log categories will be exported to each configured destination.
Audit Log Format & Delivery
DataGrail exports audit logs on a daily schedule with:
- Frequency - Logs are exported once per day, capturing all activity from the previous 24-hour period.
- Format - Logs are exported in JSON format for easy integration with SIEM platforms.
- File Structure - Exported files are organized by date and category using the following path structure:
audit_logs/YYYY-MM-DD/category_name.json
For example, logs for Data Subject Requests on January 15, 2025 would be located at:
audit_logs/2025-01-15/data_subject_requests_log.json
This structure allows you to easily configure your SIEM to ingest logs by date range or specific categories based on your monitoring and compliance requirements.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.