Logout Events
Overview
Logout events show when a user session ended through a supported logout action.
What this feature does
They help build a clearer access timeline by showing when a user left the system, where such events are available.
Why it is useful
- It helps understand session behavior.
- It can support investigations around sensitive actions.
- It gives additional context when reviewing login and activity timelines.
Who should read this?
RISE Admin, Security Officer, Support Engineer.
Where to find it
Rise Audit Pro → Auth Log.
How to use it
- Open Auth Log.
- Filter or search for logout events if available.
- Compare logout time with login and activity events.
- Use Session Timeline for a broader view of a user’s activity.
Example workflow
A user logged in, updated multiple records, and logged out shortly after. The admin reviews the timeline to understand the sequence of activity.
Screenshot
Screenshot required
Capture from: Rise Audit Pro → Auth Log → Logout events
Capture from: Rise Audit Pro → Auth Log → Logout events
Common mistakes
- Assuming missing logout always means a problem. Sessions can expire or end without a normal logout action.
- Using logout events alone without comparing login and activity data.
Related articles
- Session Timeline
- Login Success Events
- Investigating Suspicious Login Activity
