Viewing audit logs for users
Prev Viewing access information for users and user groups Next

Viewing audit logs for users

You can view audit logs of the access details for a particular user in a given time period.

To view the audit logs for users:

  1. From the Workspace, navigate to the Users list-view.
  2. Click a user. The Summary panel populates to display additional details.
  3. Click Expand Profile on the Summary panel to display the underlying user-centric views.

    By default, the Overview tab displays the a summary of the selected user.

  4. Click Audit Logs. Or right-click the user, and select Audit Logs.
  5. Apply the time filter for which you want to view the selected user's activity. By default, Data Insight displays the audit logs for the last six months from the current date.
  6. Select the share for which you want to view the activity by the selected user.

    Use the device filter in the content pane to search for specific devices where selected group has permissions. The Devices with activity filter is applied by default. The filter pane displays the list of filers or web applications that have some shares or site collections on which the selected user has activity.

    At the share-level in the hierarchy, you can also filter the paths using other predefined filters, such as disabled share or site collections where the user has activity.

  7. Enter the start and the end dates in the To and From field.

    Additionally, you can also filter the audit logs based on the following criteria:

    • The IP address of the computer that the user has generated the access activity from.

    • The type of access for which you want to view audit logs. For SharePoint web applications, you can specify either access type (meta operations, such as Read, Write, Delete, Create, and Rename) or access details (SharePoint operations).

      Data Insight maps all SharePoint access types such as checkout, view, check in, write, update, delete, and move to Data Insight meta access types - Read, Write, Delete, and Rename.

      You can enter multiple values separated by commas. Enter the filter criteria in the relevant fields and click Go.

  8. Click on a folder to see the user's activity on that folder.
  9. The audit logs provide the following information:

    • The name of the file that is accessed.

    • The path of the file.

    • The type of access event.

      In case of a folder on a SharePoint site, the SharePoint access type such as checkout, view, check in, write, or update.

    • The type of file.

    • The access count.

    • The IP address of the computer from which the file was accessed.

      Currently, you cannot view the IP address of the computer from which the file was accessed for Windows File Servers, VxFS filers, and SharePoint sites.

    • The start and the end time of the access events.

  10. Click the drop-down arrow on any column header and select Columns. Then select the parameters you want to show.

More Information

About audit logs

Prev Up Next
Viewing Box permissions for users and user groups Home Managing inactive data