Skip to main content

Session Auditing

Every DeviceView session is indexed. This page covers what gets captured, where it's stored, and how to export it for compliance reviews.

What's captured

For every session, DeviceView records:

  • A full timeline of events — Device name, operator name, session start, session end, duration, data transfered, file transfers, shell commands.
  • Chat transcript.

Retention

Default retention is 30 days.

Exporting audit logs

From Histiry → Audit log, export:

  • CSV — best for spreadsheet-based reviews.
  • JSON — best for SIEM ingestion and programmatic analysis.

Exports can be filtered by date range, technician, device group, or policy.

Required for compliance

Session recording supports common audit and compliance needs:

  • SOC 2 control evidence.
  • HIPAA support-session logging.
  • PCI access tracking.
  • Internal IT change control.

Talk to your compliance contact for the tenant settings that match your framework.