If you are a realm admin, you can customize how to query audit logs by using these filters:
- Start and end dates - Enter a date range from one to seven days, inclusive.
- App name - note that you can't query deleted apps
- User email
- Log ID - Search all audit logs within the retention period purchased.
To query audit logs using a filter:
- Click Audit Logs on the left-hand navigation bar of the Admin Console, or on the left-hand navigation bar of the Manage Billing Account page.
- Select a filter at the top of the page. Depending on which filter you choose, enter the appropriate information. You can use either the Log ID as a single filter, or any combination of the dates, app name, and user email filters.
Note: If you don't specify an app name, user email, or log ID filter, all activity within the specified date range displays.
-
Click Display logs to apply the chosen filter(s). You can repeat the steps to change and/or combine filters to alter your results.
Audit logs display the following information:
| Item | Description |
|---|---|
| Log ID | Auto-generated identifier of the audit log. |
| First Name | User’s first name. |
| Last Name | User’s last name. |
| Email Address | User’s email address. |
| Action | What action was taken, such as log in, create app, report access, or table search. |
| Browser time | Exact time the action was taken, including date, and time with hour, minutes and seconds. Time zone is the browser time zone. |
| IP | The IP address the action was taken from. |
| User Agent | The browser and OS the action was taken from. |
| Application | UI for user interface or API for an API call. |
| Description | A brief description of the action that you can click to see additional details. |
Learn more
Tracking data changes in a specific field