![Untitled design (1)-Aug-01-2022-12-37-27-80-PM.png]](https://help.syscloud.com/hs-fs/hubfs/Untitled%20design%20(1)-Aug-01-2022-12-37-27-80-PM.png?height=40&name=Untitled%20design%20(1)-Aug-01-2022-12-37-27-80-PM.png){kind=small}
Why does SysCloud require access to audit logs?
SysCloud's "data change insights" feature uses historical data to identify deviations from normal behavior. Audit logs are required to accurately detect trend-level anomalies while minimizing false positives.
Why Are Audit Logs Needed?
SysCloud's algorithm relies on historical data to:
- Understand Trends: Analyze patterns in data changes over time.
- Incorporate Seasonality: Account for periodic fluctuations in activity, such as end-of-month reconciliations or quarterly audits.
- Minimize False Positives: Establish a baseline for your company’s typical behavior, ensuring anomalies flagged are genuinely unusual and require attention.
Example
If your organization typically modifies 50–100 records weekly in a system, the algorithm will use audit logs to learn this pattern. Without audit logs, a sudden change to 150 records might incorrectly be flagged as an anomaly. With audit logs, SysCloud understands this change aligns with a trend, avoiding a false positive.
To enable accurate anomaly detection, ensure audit logs are uploaded during the setup process.