> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Events

> View, filter, and export the security event log for your organization, including failed logins, permission violations, and MFA failures.

Security events dashboard at `/settings/security-events` where administrators review the organization's security event log with filtering by event type and severity, plus export capability.

## Overview

The Security Events page displays a filterable, searchable table of security events fetched via `useSecurityEventsList`. Filters include event type (failed\_login, permission\_violation, suspicious\_activity, account\_lockout, mfa\_failure) and severity (info, warning, error, critical). A free-text search field is available. Clicking a row opens an event detail sheet (`SheetContent`) showing full event metadata. A **Download** button exports the filtered result set. The route is gated by `pf.security_events.view`.

## Who it's for

**Required permission:** `pf.security_events.view`

## Before you start

* You must hold the `pf.security_events.view` permission.
* Events are scoped to the current organization.

## Steps

1. Navigate to `/settings/security-events`.
2. Use the **Event Type** and **Severity** filters to narrow the list.
3. Use the search field to find events by keyword.
4. Click a row to view full event details in the side panel.
5. Click **Download** to export the filtered event log.

## Key concepts

**Event type** — The category of security event: `failed_login`, `permission_violation`, `suspicious_activity`, `account_lockout`, or `mfa_failure`.

**Severity** — The assessed impact of the event: `info`, `warning`, `error`, or `critical`.

**Event detail sheet** — A slide-over panel showing all fields of a selected event record.

## Related

<Columns cols={2}>
  <Card title="Platform Foundation" icon="layer-group" href="/pf/overview">
    Platform Foundation overview.
  </Card>

  <Card title="Governance & parity" icon="scale-balanced" href="/governance/index" />
</Columns>

<Note>
  This page documents shipped product behavior. It is not medical, legal, or
  billing advice. Verify against your organization's policies and applicable
  regulations before using it for clinical, compliance, or billing decisions.
  Protected health information (PHI) shown in the product is governed by your
  tenant's access controls and is never exposed in this documentation.
</Note>

<Accordion title="Documentation sources">
  * src/routes/platform.tsx
  * src/platform/security/pages/SecurityEventsPage.tsx
  * src/platform/security/hooks/useSecurityEventsList.ts
</Accordion>
