# Log Streaming
{% hint style="info" %}
Log Streaming is an early access feature. Contact [FenixPyre support](mailto:support@fenixpyre.com) to enable this for your organization
{% endhint %}
## Overview
FenixPyre’s **Log Streaming** feature allows you to export your organization’s security audit logs created by FenixPyre to an external log-analysis or SIEM platform such as Splunk, Datadog, or a custom HTTP endpoint.
Log Streaming makes it possible to react to events—such as file encryptions, admin actions, or user access changes - using your own business logic, monitoring tools, or automated workflows.
***
### Data Responsibility and Control
When **Log Streaming** is enabled, **you (the Customer)** become the **data controller** for the exported information.\
This means you are responsible for:
* Deciding **what information** is streamed out of FenixPyre
* Determining **where** and **how** that data is stored, processed, or analyzed in your own environment
* Maintaining compliance with your own security and privacy obligations
FenixPyre acts solely as the processor, transmitting events securely to your chosen destination.
***
### Log Categories Forwarded by FenixPyre
FenixPyre generates several distinct categories of logs that can be forwarded to Splunk. Each category captures a specific type of event within your organization’s FenixPyre environment:
| **Category** | **Description** | **Example Use Cases** |
| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- |
| **Admin Logs** | Records of actions taken by administrators within the FenixPyre Dashboard. Includes configuration changes, integration updates, rule creations, and user-management operations. | - Tracking changes to encryption policies
- Auditing configuration updates
- Detecting unauthorized admin access
|
| **User Logs** | Captures authentication, authorization, and user-initiated activities such as login attempts, password resets, and permission changes. | - Monitoring user access behavior
- Detecting repeated failed logins
- Investigating access control issues
|
| **Agent Logs** | Logs emitted by FenixPyre Agents deployed on endpoints or servers. | - Tracking offline event
- Tracks other agent critical logs
|
| **File Access Logs** | Detailed records of file-level interactions: open, upload, download, share, delete, or move operations across connected storage platforms (e.g., Desktop, Egnyte, OneDrive, Box). | - Detecting unauthorized file exfiltration
- Tracking CUI/PHI/PII access
- Analyzing user activity by file type
|
> These logs together provide a full audit trail of all sensitive operations across FenixPyre and its integrated storage connectors.
***
### Supported log streaming services
* [Splunk](/fenixpyre-for-admins/admin-dashboard/log-streaming/setting-up-log-streaming-for-splunk.md)
* Datadog
* HTTP endpoint
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.fenixpyre.com/fenixpyre-for-admins/admin-dashboard/log-streaming.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.