Audit Log

Organizations that need to troubleshoot serious security breaches rely on audit logs for a forensic analysis of the activities leading up to actual and potential breaches. In regulated industries, these audit trails are a mandated requirement to comply with security audits.

With the Knox platform, an enterprise IT admin can use an EMM console to enable audit logging on all corporate devices. IT admins can proactively pull audit logs from time to time, to detect and defend against malware or viruses at the earliest onset. In the event of a possible intrusion, IT admins can parse the logged events for unauthorized activities.

The Knox platform Audit Log provides comprehensive information about device events, including:

  • Password policies set for devices and containers
  • App installation and removal
  • Certificate failure and key generation
  • Account creation and removal
  • File exchange attempts over Wi-Fi

To help better manage device storage, IT admins can control the Audit Log size.

The benefits to an enterprise include:

  • Early detection and defense against malware and viruses.
  • Empowering IT admins with powerful troubleshooting data.
  • Adherence to mandated requirements in regulated industries.
  • Compliance with the Mobile Device Fundamentals Protection Profile (MDFPP) 2.0 requirements to collect events.


  • Knox platform v2.5 or higher
  • EMM support