Knowledge Base
Panther.com
Release Notes
Demo Request
Search…
Overview
Quick Start
Data Sources & Transports
Writing Detections
Cloud Security Scanning
Alert Destinations
Data Analytics
Enrichment
System Configuration
Role-Based Access Control
SAML/SSO Integration
Panther Audit Logs
Querying and Writing Detections for Panther Audit Logs
Panther Audit Log Actions
System Health Notifications
Snowflake Integration
Self-Hosted Deployments (Legacy)
Guides
Help
Panther Developer Workflows
Panther API
Panther Analysis Tool
Managing Detections via CI/CD
GitHub Actions Onboarding Guide
Panther Config SDK (Beta)
Powered By
GitBook
Panther Audit Log Actions
Below you'll find a list of all the available actions that Panther tracks as part of its audit logs:
ADD_MITRE_REPORT_MAPPING
CANCEL_DATA_LAKE_QUERY
CANCEL_LOG_SOURCE_JOB
CHECK_LOOKUP_TABLE_IMPORT_STATUS
CHECK_LOOKUP_TABLE_SYNC_STATUS
COMPUTE_REPLAY
CREATE_ALERT_DESTINATION
CREATE_API_TOKEN
CREATE_CLOUD_ACCOUNT
CREATE_DATA_MODEL
CREATE_DETECTION_FILTER
CREATE_DETECTION_PACK_SOURCE
CREATE_GLOBAL_HELPER
CREATE_LOG_PROVIDER_REQUEST
CREATE_LOG_SOURCE
CREATE_LOG_SOURCE_ALARM
CREATE_LOOKUP_TABLE
CREATE_OR_UPDATE_SCHEMA
CREATE_POLICY
CREATE_REPLAY
CREATE_RULE
CREATE_SAVED_DATA_LAKE_QUERY
CREATE_USER
CREATE_USER_ROLE
DELETE_ALERT_DESTINATION
DELETE_API_TOKEN
DELETE_CLOUD_ACCOUNT
DELETE_DATA_MODEL
DELETE_DETECTION
DELETE_DETECTION_FILTER
DELETE_DETECTION_PACK_SOURCE
DELETE_GLOBAL_HELPER
DELETE_LOG_SOURCE
DELETE_LOG_SOURCE_ALARM
DELETE_LOOKUP_TABLE
DELETE_SAVED_DATA_LAKE_QUERY
DELETE_USER
DELETE_USER_ROLE
DOWNLOAD_DATA_LAKE_QUERY
DOWNLOAD_DETECTIONS
EXECUTE_DATA_LAKE_QUERY
EXECUTE_INDICATOR_SEARCH_QUERY
GENERATE_CUSTOM_SCHEMA_SAMPLE
GENERATE_CUSTOM_SCHEMA_SAMPLE_UPLOAD_URL
GENERATE_DATA_LAKE_SQL_QUERY_SNIPPET
GENERATE_LOOKUP_TABLE_IMPORT_URL
GET_ALERT
GET_ALERT_DESTINATION
GET_API_TOKEN
GET_CLOUD_ACCOUNT
GET_CLOUD_RESOURCE
GET_CUSTOM_SCHEMA
GET_DATA_LAKE_DATABASE
GET_DATA_LAKE_QUERY
GET_DATA_LAKE_QUERY_SUMMARY
GET_DATA_LAKE_TABLE
GET_DATA_MODEL
GET_DETECTION_FILTER
GET_DETECTION_PACK
GET_DETECTION_PACK_SOURCE
GET_GENERAL_SETTINGS
GET_GLOBAL_HELPER
GET_HOLDING_TANK_SOURCE_RUNNING_TASK
GET_LOG_SCHEMA_TEST_RESULTS
GET_LOG_SOURCE
GET_LOG_SOURCE_JOB
GET_LOG_SOURCE_RAW_DATA
GET_LOOKUP_TABLE
GET_MITRE_MATRIX
GET_MITRE_MATRIX_TREE
GET_ORGANIZATION_COMPLIANCE_STATS
GET_ORGANIZATION_METRICS
GET_POLICY
GET_REPLAY
GET_REPLAY_ALERT
GET_REPLAY_PREVIEW
GET_REPORT_SETTING
GET_RULE
GET_SAML_SETTINGS
GET_SAVED_DATA_LAKE_QUERY
GET_SOURCE_METRICS
GET_SUPPORTED_LOG_PROVIDER
GET_USER
GET_USER_ROLE
IMPORT_LOOKUP_TABLE_DATA
INFER_CUSTOM_SCHEMA
INFER_SCHEMA_FROM_RAW_DATA
ISSUE_ALERT_SUMMARY_QUERIES
LIST_ALERTS
LIST_ALERT_DESTINATIONS
LIST_API_TOKENS
LIST_CLOUD_ACCOUNTS
LIST_CLOUD_RESOURCES
LIST_DATA_LAKE_DATABASES
LIST_DATA_LAKE_QUERIES
LIST_DATA_MODELS
LIST_DETECTIONS
LIST_DETECTION_FILTERS
LIST_DETECTION_PACKS
LIST_DETECTION_PACK_SOURCES
LIST_GLOBAL_HELPERS
LIST_HOLDING_TANK_TASKS
LIST_LOG_SOURCES
LIST_LOG_TYPES
LIST_LOOKUP_TABLES
LIST_POLICIES
LIST_REPLAYS
LIST_REPLAY_ALERTS
LIST_RESOURCES
LIST_SAVED_DATA_LAKE_QUERIES
LIST_SCHEMAS
LIST_SUPPORTED_LOG_PROVIDERS
LIST_USERS
LIST_USER_ROLES
RESET_USER_PASSWORD
RESOLVE_SOURCE_ALARM
RETRY_ALERT_DELIVERY
SEND_TEST_ALERT
SEND_USER_FEEDBACK
SIGN_IN
STOP_REPLAY
SUMMARIZE_DATA_LAKE_QUERY
SUPPRESS_POLICY
SYNC_LOOKUP_TABLE_DATA
TEST_CUSTOM_SCHEMA
TEST_LOG_SCHEMA_WITH_RAW_DATA
TEST_POLICY
TEST_RULE
UPDATE_ALERT_ASSIGNEE
UPDATE_ALERT_DESTINATION
UPDATE_ALERT_STATUS
UPDATE_API_TOKEN
UPDATE_CLOUD_ACCOUNT
UPDATE_CUSTOM_SCHEMA_STATE
UPDATE_DATA_MODEL
UPDATE_DETECTION_FILTER
UPDATE_DETECTION_PACK_SOURCE
UPDATE_DETECTION_PACK_STATE
UPDATE_DETECTION_STATE
UPDATE_GENERAL_SETTINGS
UPDATE_GLOBAL_HELPER
UPDATE_LOG_SOURCE
UPDATE_LOOKUP_TABLE
UPDATE_MITRE_REPORT_SETTING
UPDATE_POLICY
UPDATE_RULE
UPDATE_SAML_SETTINGS
UPDATE_SAVED_DATA_LAKE_QUERY
UPDATE_USER
UPDATE_USER_ROLE
UPLOAD_DETECTION_ENTITIES
Previous
Querying and Writing Detections for Panther Audit Logs
Next
System Health Notifications
Last modified
2mo ago
Copy link