Event Reporting

Integration with the Keeper Advanced Reporting & Alerts Module

Keeper Secrets Manager generates several events in the Advanced Reporting & Alerts Module. These events are available for analysis in several places including:

Secrets Manager Events

Below is the list of events generated from Secrets Manager. "Application" refers to the Secrets Manager Application which is associated to a record or folder in the Keeper Vault.

Event Name

Description

What causes event

app_record_shared

User ${username} shared record UID ${secret_uid} with KSM application ${app_uid}

When record owner adds record to the Application

app_folder_shared

User ${username} shared folder UID ${secret_uid} with KSM application ${app_uid}

When the shared folder owner adds shared folder to the Application

app_record_removed

User ${username} removed record UID ${secret_uid} from KSM application ${app_uid}

When user removes record share from the Application

app_folder_removed

User ${username} removed folder UID ${secret_uid} from KSM application ${app_uid}

When user removes folder share from the Application

app_record_share_changed

User ${username} changed share permissions for record UID ${secret_uid} for KSM application ${app_uid}

When user changes share permissions of record share in the Application

app_folder_share_changed

User ${username} changed share permissions for folder UID ${secret_uid} for KSM application ${app_uid}

When user changes share permissions of folder share in the Application

app_client_added

User ${username} added KSM device ${device_name} to application ${app_uid}

When a new Client Device was added to the Application

app_client_removed

User ${username} removed KSM device ${device_name} from application ${app_uid}

When Client Device was removed from the Application

app_client_connected

KSM device ${device_name} performed initial connect to application ${app_uid}

Client Device initially connected with the One Time Access Token

app_client_access

KSM device ${device_name} has accessed secrets from application ${app_uid}

Client Device accessed the Application shares

app_client_record_update

KSM device ${device_name} has updated record UID ${secret_uid}

Client Device has updated a record

Access denied from blocked IP

Access denied to record UID ${secret_uid} from device with blocked IP address ${device_ip}

Device with an IP that is different from the IP lock attempts to access a secret

For a list of all events, visit: https://docs.keeper.io/enterprise-guide/event-reporting

Last updated