Admins can access this data through a dashboard, CSV export, or API. The dashboard offers flexible search options for quick insights and detailed historical analysis.
The audit trail interface can be opened only by the following roles: SysAdmin, CloudAdmin, or GovernanceAdmin.
-
SysAdmin or CloudAdmin: Go to Account > Admin Panel > Reports > Audit trail
-
GovernanceAdmin, SysAdmin, or CloudAdmin: Go to Govern > Audit trail
Once open, the interface for the audit trail displays in a window. Actions are listed from the most recent to the least recent:
-
Timestamp: The date and time of the action adjusted to your timezone.
-
User Name: User’s login name for the action performed.
-
Event: The description of the action that occurred; for example, a User Permission was changed.
-
Target: The ID or Object that received the Event action, such as John Doe, whose permission was changed.
-
Project Name: Project name where the action took place. If the action was outside a project (e.g., an Admin changing user configurations), the Project Name will be blank.
Once you open the audit trail window, you can use different filters to get a clearer view of events related to specific projects. You can use a pre-populated commonly used query from the dropdown, such as:
-
Added a Collaborator to a project
-
Viewed a dataset file
-
Downloaded a dataset file
You can also craft a specific filter using different elements. Some common examples are:
-
user_name: Login name of the user who performed the action.
-
event: Name of the action that occurred.
-
target_name: Name of the object that receives the action.
-
project_name: Name of the project where the action took place.
Note
| Each filter can only be used once. If you include multiple filters, the results will be intersected (AND) instead of joined (OR). You won’t be able to save a filter. |
Filter the audit trail by:
-
Select an option from the drop-down, or hover over an event and click the triangle icon to filter by the exact term.
-
Enter the exact name of the item you’d like to filter by within quotations:
user_name="john.doe"
-
To search with multiple filters, add a space between the two elements:
user_name="john.doe" project_name="projectElrond"
-
Optional: Select a date range for filtering results.
-
To refresh the table, click the hourglass icon.
-
Export audit trail data using the Audit trail API. The data is JSON but can be parsed and stored in other formats, like CSV.
-
The Audit Trail Data Glossary has a complete list of events being tracked. You can use these in the event filter to search for events.