Customize Audit Logs Collection

This article will help you get the most out of the Audit Logs feature available in SysKit Security Manager.

By default, SysKit Security Manager collects the majority of available activities, nevertheless, you have the option to select which activities are being collected.

To see all available activities and manage which of them are collected by SysKit Security Manager, navigate to Settings > Audit > Audit Logs, and click the Select activities to collect link. A new window opens, giving you the possibility to select or deselect an activity, or an entire activity group, for collection.


To save disk space used by audit logs data, disable the collection of activities that you consider unnecessary.

Can't find an activity in the audit reports? Chances are, it is not collected by default. Review your settings and turn on the collection of wanted activities.

Below, you can find a complete list of audit log activity categories available in SysKit Security Manager. You can select from more than 200 activities currently available, with the list being regularly updated with new activities. By clicking on the activity category link, you can find the following information for each activity in the selected category:

  • Display Name - activity name visible in SysKit Security Manager

  • Original Name - original activity name created by Microsoft visible in Audit logs search

  • Description - short description of every activity

  • Collected - column showing if the activity is collected by default

Activity Categories