Immutable Logs

Question

Hello Community,
I'm currently supporting a client in a highly regulated industry who is using M-Files in an on-premise configuration. During a recent internal audit, a concern was raised around the ability of M-Files administrators to delete entries from the event log. Given the importance of maintaining a tamper-proof audit trail, this has been flagged as a significant compliance risk.The current architecture does not support immutable logging in on-premise environments. Is there a way to lock event logs natively or export logs in real time to an external location that is not modifiable by M-Files admin accounts? Has anyone implemented third-party log management or SIEM tools in conjunction with M-Files to ensure compliance?

Joonas Linkola · Accepted Answer

These compliance requirements are typically addressed by enabling Advanced Event Log in the vault and exporting the logs with Compliance Kit's Log Exporter module. Once exported, the logs can be imported to any log management or SIEM tool. 
 Advanced Event Log and Log Exporter are included in the Advanced Content Control Module add-on. 
 If you want to discuss the specifics of this customer case further, I suggest reaching out to the Partner Support team.

Immutable Logs

Contact Us

Schedule a Demo

Careers

Trust Center

Privacy Policy

Security Hall of Fame

Subcontractors

M-Files Community

Support Portal

Help Center

Product Center

Download M-Files

User Guides

Product News