3. Existing Functionality/Native Skill

Provide Method for External Consumption of Configuration and Permission Logs

Related products:Moveworks Setup

Forum|Forum|3 months ago
December 10, 2025
3 replies
20 views

Phil Cathey
New Participant

In the Moveworks Gov environment, we have a need to be able to ingest the Configuration and Permissions logs into our corporate SIEM. Currently, those logs are only available in the Moveworks Console.

As part of our CMMC requirements to authorize Moveworks to handle CUI data, we need to have a centralized location for all of our logs to be ingested and monitored by our SOC.

We are already ingesting the logs that are available to us for API calls but adding a mechanism to also be able to ingest these logs into an external system is likely a requirement for many other CMMC accredited companies. As an example, log entries such as someone being elevated to a Super Admin would be the type of activity that our SOC needs to be able to monitor across all of our SaaS applications.

S

sagarika
Community Manager
Forum|Forum|15 days ago
February 23, 2026

1. New→3. Existing Functionality/Native Skill

Like

S

sagarika
Community Manager
Forum|Forum|15 days ago
February 23, 2026

Moveworks provides a JSON-based SIEM log export (via SFTP) that captures API calls, authentication events, permission changes, config changes, and other platform activities. These logs can be ingested into any organizational SIEM, data lake, or analytics pipeline to support incident response, monitoring, and compliance workflows. Customers can export these logs from SFTP into their internal storage systems or forward them using a SIEM/log forwarder. Please refer to the help documentation https://help.moveworks.com/docs/sftp-siem-logs-overview.