Admin Audit Log Formats
Admin Audit logs show changes made by your administrative team in your organization's Umbrella settings.
Table of Contents
Examples
"","2021-07-22 10:46:45","[email protected]","","logexportconfigurations", "update","209.165.200.227","version: 4","version: 5"
The example entry is 126 bytes. To estimate the size of your S3 Logs, see Estimate the Size of Your Logs.
Order of Fields in the Admin Audit Log
<id><timestamp><email><user><type><action><logged in from><before><after>
- ID—A unique identifier of the audit event.
- Timestamp—The date and time when this request was made in UTC. This is different than the Umbrella dashboard, which converts the time to your specified time zone.
- Email—The email of the user that triggered the event.
- User—The account name of the user who created the change.
- Type—Where the change was made, such as settings or a policy.
- Action—The type of change made, such as Create, update, or Delete.
- Logged in from—The user's IP source.
- Before—The policy or setting before the change was made.
- After—The policy or setting after the change was made.
Reports and CSV Formats < Admin Audit Log Formats > Cloud Firewall Log Formats
Updated 10 months ago