Security Event Coverage in Telemetry Extractor
We’re excited to share that we’ve made several key improvements to the security events provided by our telemetry extractor. These changes are designed to give you more detailed and relevant insights into who’s doing what within your environment.
Previously, the telemetry extractor associated audit log events either with a specific organization or project, or (at a higher level) with a user’s email domain. While this approach covered a range of scenarios, it didn’t fully address the unique needs of single-tenant clients, and for multi-tenant clients, it provided little practical benefit. We’ve refined our approach to better serve both groups.
Single-Tenant Clients
- Expanded Visibility
Thesecurity_eventtable now captures all audit log events. In addition to the existing coverage at the project and organization levels, the table now includes events for admin and maintainer activities. This makes it possible to monitor nearly any security-relevant action within your single-tenant environment.
Multi-Tenant Clients
- Relevant Events, Reduced Noise
Thesecurity_eventtable records all audit log events directly associated with your specific organization or project. We’ve removed events determined only by user email domain, as they did not offer actionable security value. - No Loss of Coverage
You’ll continue to see every relevant security event for your organizations and projects. This helps you focus on meaningful activities without losing any essential information.
For a full list of the events covered under these changes, visit our documentation.
These updates reflect our commitment to continually improving your security and operational insights. Stay secure, stay informed!