Skip to main content

View Logs

Understand the features of Log Viewer

In the Pangea User Console , under the COMPLIANCE section, click Secure Audit Logs, and select View Logs to open the Secure Audit Log Viewer.

note

Secure Audit Log can automatically capture events in AI Guard , Prompt Guard , AuthN , AuthZ , Secure Share , and Vault . These logs, which by default are filtered by the service configuration ID, can be accessed by selecting Activity Log in the navigation sidebar on the respective service page in the Pangea User Console .

The Secure Audit Log Viewer page can be used to search, view, and verify tamperproofing of all logs stored by the service.

Pangea's Secure Audit Log Viewer page in the Pangea User Console

By default, the log viewer displays events from the past two hours for the current service.

To customize your search, you can:

  • Click the funnel icon to open the filter dialog. Enter your search criteria and click Search. The search syntax will appear in the search bar, and matching results will be shown in the table below.
  • Place your cursor in the search bar to view a dropdown of available search parameters. Start typing to filter the list and use autocompletion to build your query.
  • Manually enter your query using the Search Syntax described in the Secure Audit Log documentation.

Date range

All searches must be restricted to a time range, with the default set to the most recent two hours.

The date range selector drop-down next to the search button offers several options for selecting a date range:

  • Use Quick selections to choose a relative date range of 1, 7, or 30 days.
  • Under the Relative tab, define a custom relative date range.
  • Use Between to search for log events between two specific dates.
  • Use Before to search for events that occurred before a specified date.
  • Use After to search for events that occurred after a specified date.

Additionally, you can filter results by clicking on a result row and selecting a timestamp. This allows you to filter for a specific date or use the timestamp as an upper or lower date range limit by clicking the + button next to the captured timestamp in the log.

Selecting a date criteria using the captured timestamp on the Audit Log Viewer page in the Pangea User Console

note

The log retention policy defines how long Pangea stores logs across different storage tiers and which logs remain searchable. For details, see the Secure Audit Log Retention policy documentation.

You can configure the Retention policy on the Secure Audit Log General Settings page in your Pangea User Console .

Results

Displayed fields

By default, the fields marked as Visible in the audit log schema are displayed as columns in the search results. To change which fields are displayed, click the gear button.

By default, the fields marked Visible in Settings >> Audit Log Schema will be displayed as columns in the search results. To display different fields, click the gear button.

Event details

To view all fields for an event, click the corresponding row in the search results. This will expand the row to reveal all event fields, including those not configured for display in the table. If any fields contain JSON data, they will be displayed as an interactive JSON tree.

Field comparison

A common requirement for audit logs is to record the value of a field both before and after a change is made. This enables the history of values to be recorded when capturing the update events.

The log viewer highlights in yellow the differences between the values stored in the old and new fields.

Tamperproof information

Records returned by the Log Viewer are marked with icons indicating the tamperproof status of each record. Learn more about Tamperproofing in the Security Audit Log documentation.

  • Lock icon

    The lock icon indicates that the membership proof for the corresponding log event has been verified.

    Click the lock icon to open a pop-up displaying the information required to independently verify the log event:

    • Status

      The statuses are Verified, Unverified, and Failed. If the status is Failed, the lock icon will appear red. Records that are still cached will appear unverified until they are committed from the cache.

    • Verification Artifacts

      This includes the message hash, membership proof, consistency proof, root hash, and a link to the published root hash.

    • Verification Command

      You can use the copied command with Pangea's Python SDK to verify the tamperproof status of the record.

  • Green line

    The green line indicates that the consistency proof for the two adjacent log events has been verified.

These icons will appear asynchronously after search results are returned, as they are verified.

Download logs

Use the Download button to save search results to a CSV file for analysis, sharing, archiving, importing into another audit logging service, or other purposes.

note

The download button may trigger a pop-up to verify that you want to download from the website. Some browsers block this pop-up, so you may need to allow pop-ups for the page. After that, you must confirm the download request before the download begins.

Was this article helpful?

Contact us

Secure AI from cloud to code

636 Ramona St Palo Alto, CA 94301

Guides
Services
SDKs & APIs

©2025 Pangea. All rights reserved.

PrivacyYour Privacy ChoicesTerms of UseLegal Notices
Contact Us