Audit & Sign-in Logs

Audit & Sign-in Logs

Logs are your primary source of truth when something goes wrong. Whether you are investigating a security incident, responding to an audit, or simply trying to understand what changed and when — without logs, you are flying blind.

What Kasca backs up

Kasca continuously collects three types of logs from your identity platform:

• Audit logs — a record of changes made within your environment, including object modifications, permission changes, and administrative actions

• Sign-in logs — a detailed record of authentication activity across your organization

• Custom security attribute logs — capturing changes to custom security attributes assigned to objects in your environment

Log collection runs continuously with a minimum interval of 5 minutes, ensuring your records are always close to real-time.

The problem with native retention

By default, most identity platforms retain logs for 30 days. For organizations subject to compliance requirements or longer investigation timelines, this is rarely sufficient. Extending native retention typically means paying for a separate log analytics workspace — an additional cost that adds up quickly.

Kasca stores your logs directly in your own database, retaining them for as long as your storage allows. No separate analytics workspace required, no additional fees, no logs disappearing before you need them.

What you can do with your logs

Logs stored in Kasca are not just an archive. You can search and filter them directly within the platform, making it straightforward to investigate specific events, track changes over time, or respond to an audit request. When you need to share or process the data externally, export to CSV is available at any time.