Documentation

Audit logs streaming | Entitle

Overview

Entitle uses outgoing webhooks to integrate its audit logs changes into the tools that your team already uses. You can use the audit logs webhook to make sure you have all the configuration changes that have been made to your team's tenant configuration as permissions granted and revoked logged within your systems for audit, security investigation, and various process automation purposes.

Connect a SIEM tool

Set up your SIEM tool

To set up the proper configuration in your SIEM tool, refer to the first section in the following guides, named Setup Audit Logs Webhooks:

Create a webhook in Entitle

  1. Log in to Entitle with an Admin account.
  2. Go to the Org settings page, then select the Audit logs tab.
  3. Click Add.
  4. Fill in specific required fields depending on the SIEM tool you wish to integrate with Entitle (you can find the instructions for this step under the Create audit log webhook in Entitle section in each of the guides above).
🚧

Important information

If Entitle repeatedly fails to deliver webhook requests, the webhook is automatically disabled. While disabled, new approval steps intended for that webhook are escalated to Entitle administrators.

©2003-2026 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.