If you are a realm admin, you can customize how to query audit logs by using these filters:
- Start and end dates - Enter a date range from one to seven days, inclusive.
- App name - note that you can't query deleted apps
- User email
- Log ID - Search all audit logs within the retention period purchased.
To query audit logs using a filter:
- Click Audit Logs on the left-hand navigation bar of the Admin Console, or on the left-hand navigation bar of the Manage Billing Account page.
- Select a filter at the top of the page. Depending on which filter you choose, enter the appropriate information. You can use either the Log ID as a single filter, or any combination of the dates, app name, and user email filters.
Note: If you don't specify an app name, user email, or log ID filter, all activity within the specified date range displays.
Click Display logs to apply the chosen filter(s). You can repeat the steps to change and/or combine filters to alter your results.
Audit logs display the following information:
|Auto-generated identifier of the audit log.
|User’s first name.
|User’s last name.
|User’s email address.
|What action was taken, such as log in, create app, report access, or table search.
|Exact time the action was taken, including date, and time with hour, minutes and seconds. Time zone is the browser time zone.
|The IP address the action was taken from.
|The browser and OS the action was taken from.
|UI for user interface or API for an API call.
|A brief description of the action that you can click to see additional details.