Audit Suite: API and Integration Support

Asana’s Audit Suite includes APIs and Apps that support your organization’s security and compliance posture. Asana currently offers: 

  1. An Audit Log API that captures over a hundred security-and-compliance events. This is accessible to Super Admins of Enterprise+ domains, as well as Super Admins of legacy tier Legacy Enterprise domains, with multiple options to leverage a Security Information and Event Management (SIEM) vendor.
  2. Closed Enterprise APIs that support Data Loss Prevention (DLP)eDiscovery, and Archiving use cases; and several third-party integration partnerships in these areas.
  3. Support for Cloud Access Security Broker (CASB) vendors.

If you would like to speak with a member of our team about Asana’s Audit Suite support, please complete this form.

Audit Log API

Available on the Asana Enterprise+ tier, as well as legacy tier Legacy Enterprise.

Visit our pricing page for more information.

Asana’s Audit Log API provides super admins access to an immutable log of key events across their organization. Using the Audit Log API, super admins can capture and act upon important security and compliance related changes.

How to use the Audit Log API

Super admins can use Asana’s Audit Log API to:

  1. Set up proactive alerting with a Security Information and Event Management (SIEM) tool like Splunk
  2. Conduct reactive investigations when a security incident takes place
  3. Visualize key domain data in aggregate to identify security trends

Event categories

Asana’s audit log API includes dozens of events, including:

  1. Key changes made by admins in the admin console such as workspace_export_startedworkspace_password_requirements_changed, and user_workspace_admin_role_changed
  2. Critical user access events such as user_login_succeededuser_login_faileduser_invited,and team_member_added
  3. Deletion events such as task_deletedtask_undeleted, and portfolio_deleted
  4. Export events such as project_csv_export_initiated and workspace_teams_export_started
  5. Data and asset management events, such as attachment_uploaded and attachment_downloaded

For a full list and details around the API endpoint, visit the API documentation

Retention period

Asana stores audit logs for 90 days from the date of capture. Those who would like a longer retention period may choose to use their SIEM or another storage solution for continuous log ingestion.

Accessing the Audit Log API endpoint

Audit logs are accessible to super admins via service accounts. To see a detailed description of the audit log API endpoint, check out our developer documentation here.

To learn more about using Asana’s audit log API via Asana’s Splunk integration, visit Splunkbase to begin the installation process.

To learn more about using Asana’s audit log API via Asana’s Panther integration, visit their Asana Apps page.

Data Loss Prevention (DLP)

Customers may wish to regularly scan their Asana instances for data that affects or violates their organization-wide policies.

For example, an organization may wish to conduct a monthly audit to find any instances of passwords being inadvertently entered into Asana tasks.

For developers, Asana currently offers closed APIs that support Data Loss Prevention (DLP) use cases. Please fill out this form if you are interested in learning more.

For detail about Nightfall’s integration with Asana, visit their Asana Apps page.

eDiscovery

Customers may wish to pull data from Asana into a third-party eDiscovery tool to proactively plan for or reactively respond to litigation.

Asana offers closed APIs that support eDiscovery use cases. Please fill out this form if you are interested in learning more.

Visit Exterro’s and Hanzo's Asana Apps page to learn more about their third party integrations with Asana. Stay tuned for additional partnerships coming soon.

Archiving

Customers in highly-regulated industries may wish to regularly pull/store objects or events related to changes on objects in Asana.

Asana offers closed APIs that support Archiving use cases. Please fill out this form if you are interested in learning more.

Learn more about Theta Lake's integration with Asana by visiting their Asana Apps page

Cloud Access Security Broker (CASB)

Available on the Asana Enterprise+ tier, as well as legacy tier Legacy Enterprise.

Customers may wish to control use of Asana via their Cloud Access Security Broker (CASB) provider. Asana currently offers a connector with Netskope and support for setting approved workspaces. Please fill out this form if you’d like help integrating with a CASB provider that is not currently supported. Please visit this article to learn more about managing approved workspaces.

For detail about Netskope’s integration with Asana, visit the Asana Apps page.

Was this article helpful?

Thanks for your feedback