All Collections
Extended Audit Trail: Audit Trail Filters
Extended Audit Trail: Audit Trail Filters

Learn more about Audit Trail Filters.

Written by Alex Eriksen
Updated over a week ago

If the Extended Audit Trail add-on is activated, then Admins and Managers will be able to use additional filters rather than just the date range filter. Admins and Managers will be able to filter the audit trails broken down by user, action type and date range.

The entire organisation's audit trail logs will be available for filtering, to ensure a comprehensive log for Admins and Managers. Currently, multiple filter selections of users and action types are not supported at this time, so only a single user or action type can be filtered on at a time.

Action type filters include actions such as login, login failed, new user created and so on. You can find the entire list of action type filters below:

‘org.editOrgProfile’ | Organization’s profile updated

‘session.login’ | Login

‘session.loginFailed’ | Login failed

‘session.logout’ | Logout

‘session.mfaFailed’ | MFA failed

‘user.editProfile’ | User updated own profile

‘user.setPassword’ | User set new password

‘user.addEmail’ | User added new email

‘user.deleteEmail’ | User deleted email

‘user.setEmailAsPrimary’ | User set email as primary

‘directory.createUser’ | New user created

‘directory.editUser’ | User’s profile updated

‘directory.deleteUser’ | User was deleted

‘directory.createGroup’ | New group created

‘directory.editGroup’ | Group updated

‘directory.deleteGroup’ | Group was deleted

‘directory.userInvited’ | New user invited

‘directory.userAceptedInvite’ | User accepted invite

‘directory.managerChangedPassword’ | Manager’s password updated

‘group.addUserToGroup’ | User added to group

‘group.removeUserFromGroup’ | User removed from group

‘app.createApp’ | New app created

‘app.editApp’ | App updated

‘app.deleteApp’ | App was deleted

‘app.addAppToGroup’ | App assigned to group

‘app.removeAppFromGroup’ | App removed from group

‘app.addAppToUser’ | App assigned to user

‘app.removeAppFromUser’ | App removed from user

‘app.updateProvisioner’ | Provisioner updated

‘app.deleteProvisioner’ | Provisioner was deleted

‘app.assignFbaCredentials’ | User set login credentials for app

‘login.readFbaCredentials’ | User requested login credentials

‘login.samlLogin’ | SAML login

‘userPolicy.failed’ | User Policy failed

‘appPolicy.failed’ | Application Policy failed

Did this answer your question?