Skip to main content
Panther Knowledge Base

Looking for the user who created an enrichment provider in the Panther Console

  1. Last updated
  2. Save as PDF

QUESTION

How can I find out who created an enrichment provider using the Panther Audit Logs?

ANSWER

To look for this information, you can search in the table panther_logs.public.panther_audit, inside the field 

actionparams:dynamic:input.

An indicative query that can be used in Data Explorer is the following:

SELECT

*

FROM

panther_logs.public.panther_audit

where actionparams:dynamic:input LIKE '%your_enrichment_provider_name%'

ORDER by p_event_time DESC

LIMIT 50