Last updated: October 20, 2023
The audit log is a list of key events that occurred during the audit phase of a scan or task. For example, these events could include:
- When Burp finds a new issue.
- When Burp discovers more evidence for a known issue.
- When Burp discovers that an issue is no longer present, and removes it from the Issues list.
This information is displayed in two places:
- In the Issue activity panel on the dashboard. This panel contains issues from all scans and live tasks.
- In the Audit log tab of the task details window. This tab contains issues from an individual scan or task.
Viewing audit activity
The audit log enables you to:
- Monitor audit progress.
- View details of deferred interactions with the Burp Collaborator server.
- Assign confidence and severity levels to issues.
- Report issues.
Each item in the table contains the following details:
- # - An index number for the item.
- Time - The time that the issue was found.
- Source - The task that found the issue.
- Action - The action that was performed. For example, finding an issue, removing an issue, or adding evidence.
- Issue type - The issue type.
- Host - The host server for the issue.
- Path - Where applicable, the URL path to the issue location.
- Insertion point - Where applicable, the type of insertion point used in the request that found the issue.
- Severity - High, medium, low, or information.
- Confidence - Tentative, firm, or certain.
- Comment - Any user-applied comment. Double-click this field to add a comment.
Analyzing audit log activity
To filter the Audit log table, use the buttons at the top of the tab. You can filter using the following conditions:
The type of check used, selected from the following:
- Scan checks
To filter entries by a specific term, use the Search bar.
Select a log entry to view further information about it in the panel below the table. The following tabs are available:
- Advisory - A summary of the relevant issue. This contains a description of the issue and remediation advice.
- Request - This tab is displayed if the entry was created as a result of a request payload. It highlights the payload that triggered the issue.
- Response - This tab is displayed if the entry was created as a result of a response. It highlights the issue location.
- Path to issue - This tab is displayed if the entry was created as a result of a request payload. It displays the actions taken by Burp Scanner that led to the request being sent.
Managing audit log items
Right-click a log entry to perform further actions:
- Add comment - Add a comment to the item.
- Highlight - Apply a highlight color to the item.
- Set severity - Reassign an issue's severity level. You can also flag the issue as a false positive.
- Set confidence - Reassign an issue's confidence level.
- Report selected issues - Generate a report of selected issues. For more information, see Reporting scan results.
If you reassign an issue's severity or confidence level, or capture additional evidence for it, then the issue is displayed with its updated details. To restore the original severity or confidence, right-click an issue and select Restore original value from the context menu.