Managing session logs
PingOne Privilege provides comprehensive logging and auditing capabilities that give administrators full visibility into user activity and system events. These logs are essential for security monitoring, compliance, and troubleshooting. Because the PingOne Privilege authenticator app is bound to the device’s Trusted Platform Module (TPM), every action is cryptographically signed, creating a non-spoofable audit trail of user activity.
If session logging is enabled for your tenant, PingOne Privilege records all SSH and database sessions. These logs provide a detailed audit trail of user activity for compliance and troubleshooting purposes. Enable this feature in the tenant settings.
Viewing session logs
To view session logs:
-
In the PingOne Privilege admin console, go to Activity > Session Logs.
-
Use the available filters to search the logs or narrow the results by a specific time frame, resource, user, or audit status.
-
Click any log entry in the list to view its details, including a session recording if available.
