Tailscale Audit Logs

Tailscale is a VPN service that simplifies secure network connections using a peer-to-peer mesh network. Tailscale audit logs capture information about user and device activity, such as authentication events, access control changes, connection attempts, and traffic flow across the network. These logs are valuable for monitoring network security, tracking who accessed resources, and auditing for compliance with access policies.

Ingest Method

This source is a polling source and will download new logs from the app API approximately every 60 seconds.

Setup

Create a new OAuth Client under your Tailnet settings and provide it the Audit Logs Read scope.

Once created, you'll be provided a Client ID and a Client secret. Paste these into the RunReveal dashboard, along with the name of your tailnet, and we'll begin collecting your tailscale logs immediately.