What is logged?
Events that are logged
Licensing changes
Linking or unlinking a solution license to a user group.
Authentication changes
Adding/deleting a user
Adding/deleting a user group
Adding/deleting users from a user group
Resetting or changing a user’s password
Adding/deleting a product from a user group
Updating a user group
(Failed) user actions
Failure to log on by a user
When a user tries to log on and his/her account is locked
First time user login
Failed user login (inactive start / end date)
When an account is locked (multiple wrong logins, end date, password expired)
Password settings
Changing the password strength
Changing password settings
Logging in/out Planon administrators
Logging of login/log off of users linked to the Planon administrator group
* 
•    If you want to log the login and logout timings of the users (in the selected user group), go to the User groups TSI > User groups and enable the Additional security logging field by selecting Yes. This data will be stored in the security logging file. To enable this feature, you must first make the security logging settings.
For more information, refer to Authorization > Security logging.
•    The Additional security logging setting is not enabled by default because it comes with a performance penalty. If you start logging for each user, this will create a considerable overhead. Only enable this setting if you need the information to retrieve more detailed information for analyzing issues.
Authorization changes
Switching on/off authorization
Switching on/off business object authorization
Changes to user group permissions:
- Adding/deleting/updating action filters
- Updating authorization filters (when linked to user group)
- Adding/deleting/updating authorization links
Updating function profiles (when linked to a user group)
- Adding/deleting field rights
- Updating field rights
- Adding/deleting actions
- Adding/deleting status transitions
- Adding/deleting extended actions
- Changing the permission type of BORight
- Changing the function profile default permission type
Environment Management gadget
In the Cloud, the following events are logged:
Disk
Changing disk space allocation
Customize
Changing the welcome image
Changing the welcome image to default
Changing the favicon image
Changing the favicon image to default
Changing the error page URL
Backups
Creating manual backup
Restoring backup (including backup ID, destination and with or without resetting user password)
Deleting a backup
Converting a backup from incremental to full
Changing a backup name
Changing a backup expiry date
Changing a backup comment
Changing retention period
Changing Save disk space (toggle for: incremental full backups)
Danger zone
Restarting
Scheduling a restart
Canceling a scheduled restart
Upgrading
Scheduling an upgrade
Canceling a scheduled upgrade
Reloading TMS
Changing the WebDAV password
Reseting NYX credentials
Importing a clone
Creating a clone voucher
Importing Accelerator
IP whitelisting
Enabling IP whitelist
Disabling IP whitelist
Changing IP whitelist settings
SSO
Enabling the SSO realm
Enabling SSO
Disabling SSO
Resetting the SSO Admin password
Domain settings
Changing the domain alias setting
Changing mutual SSL settings
Changing portal URL settings