What’s Tracked
| Field | Description |
|---|---|
| Action | What was executed (e.g., Isolate Device) |
| Target Entity | The specific entity acted upon |
| Initiated By | The analyst or SDA that triggered the action |
| Timestamp | Exact time of execution |
| Status | Success, Failed, or Pending Approval |
| Workspace | Which customer workspace |
| Incident | The incident that prompted the response |
Viewing the Audit Trail
- Per incident: Open the Workbench → Gamebook panel shows execution history
- Cross-workspace: Command Dashboard → Gamebook Activity widget