Recent searches


No recent searches

Viewing the audit log for changes to your account



image avatar

Jennifer Rowe

Zendesk Documentation Team

Edited Jul 25, 2024


22

95

95 comments

Dwight Bussman this is great!  Thank you for this!

0


image avatar

Dwight Bussman

Zendesk Customer Care

Happy to help! :) 

0


The audit log accessible from Support allows you to open the information/action changed in a new tab. For users it can display all the times they logged in or changes made to their profile. This is also great if you know what changed but not sure when since you can edit the new tab's url and plug in your desired option.

The audit log accessible from the Admin center does not allow you to open any of them in a new tab/window. So you're stuck digging through until you find what you're looking for and all the changes for one person/rule aren't accessible together.

While date is a helpful filter, it should also include optionally a timestamp. I knew something occurred at 8am, but had to click through page after page to get from midnight to try to get to 8am.

1


image avatar

Josef Prandstetter

Zendesk Luminary

It would be great turning on/off a ticket form would be part of the audit log.

Background:
Our Zendesk instance has been hit by a spam attack.
All spam tickets came in via Help Center using the same form.
Therefor we turned the form off for end users.

During the spam attack we involved Zendesk support and they asked us, when we turned off the ticket form, but we couldn't tell exactly, because this information is currently not part of the audit logs.

1


The new audit log interface in Admin center have some good ideas, but seems not finish.

Should be interesting to add a lot of other filter : 

- filter per item

- date AND Hours

- on the previous one we were able to select a specific item and get its history, not possible anymore

0


image avatar

Caroline Kello

Zendesk Product Manager

Hey Josef, 

Status change of a ticket form (active/inactive) is already in the audit log. I tested it real quick in my account and can confirm it's there.

0


image avatar

Josef Prandstetter

Zendesk Luminary

Caroline Kello
Sorry - It seems I haven't been precise enough; I didn't mean activate/deactivate a ticket form - I was talking about the parameter "Editable for end users":

0


image avatar

Caroline Kello

Zendesk Product Manager

Oh gotcha, thanks for clarifying. You're right - we currently don't have that captured. I'll add a task for it on our backlog.

0


Did this functionality get removed:

In the previous audit log, I could click on the activity and view a log of who made changes and what changes were made. Did that go away? 

I find this helpful when training new agents on macros. I'm able to see who first created the macro and what was updated and who updated it so that I can see a timeline of events and adjust my training as needed. Equally, it shows me if someone changed something without "permission". 

2


It would be good if you could search for what has been changed e.g. the new email address added

0


Andrea Rodriguez (CD Baby)  I saw this functionality go missing as well and used it. Prior to the change I saved link templates and they still work if you edit them for your new needs. The name part can be different such as user, sla%2Fpolicy, or role_settings, but the following should give you what you're looking for. 

[your subdomain].zendesk.com/settings/account/audits?filter%5Bsource_id%5D=[ID of the thing you're looking into]&filter%5Bsource_type%5D=[Zendesk name of the thing you're looking into]

Ex: mysubdomain.zendesk.com/settings/account/audits?filter%5Bsource_id%5D=1234567890&filter%5Bsource_type%5D=rule

0


Hi Monica, yes! That is really helpful! I think I'll be able to navigate what I need now, thanks so much! 

Related unrelated, does anyone know why when a new user is created, it applies that name to me and the other Admins? What is blacked out is completely unrelated to me.

0


Are Changes of Service Level Agreements (SLA) *not* in the Audit Log?

Why so?

We need to track down a suspicious change but ....

 

Regards
Oliver

0


Also I second the comment of Andrea Rodriguez (CD Baby)

The new "Admin Center" view of the audit log it very limited in functionality, as the only filter is "person" and "action" but not "type" and especially not "specified item" (source_id). This means you now have to switch to the API which is a pain in the ass to use if you're not a developer. Also the documentation is not very good. It's not listed "what types exist" etc, and many of the queries make the DB time out instead of bringing any result.

Please bring back the clickable audit log filters.

 

Thanks
Oliver

1


I would like to set up a report that gives me the total time my agents spent on the tickets and the time they start logging in the system for load balancing. Appreciate if you can point me to standard report or to someone who can help me create one.

0


Hi Atul,
 
At present there isn't a way to report on when agents log in or out. However there is some work going on in this area, starting with reporting on agent availability in Talk, that should eventually encompass this – see the discussion here: Zendesk Talk: Allow Reporting on Agent Availability
 
In the meantime, you can report on the time agents spend on tickets via the free Time Tracking app
 

0


I'd like to add a comment to this too. It's imperative we're able to see a version history or track changes of ticket field changes, especially if you have more than one administrator -- if you click in the ticket field, at the top it even tells you when it was last modified but not "what" was modified or by whom. It seems pointless to tell me that a field was recently updated but not say what information was changed. Secondly, since automations and triggers can rely on tags, it's even more important to know of any changes that are made since it can break other configuration. And it's very hard to correct behavior regarding updates when you don't know who made them.

0


Hi Erica,
 
There's an ongoing effort to close the gap on events that are missing from the audit logs – see Caroline Kello's official comment in this thread, and please do upvote and add what you're wanting to see included: Audit Logs

0


Hi Dwight Bussman,

I would like to know if there is a limited number of logs we can see. For example,  do we see audit logs the past XX days or the past 1000 changes? 

Thanks in advance 🙏

 

0


image avatar

Dwight Bussman

Zendesk Customer Care

heyO @...

Similar to the Audit Logs API, the Audit Logs within Admin Center should be for the life of the account.  As mentioned in the article above " It saves a record of these changes indefinitely," Some accounts predate the logging of certain features, so logs would not exist for changes until the ability to log that type of event had been added. 

0


The "Viewing the audit log in Admin Center" section is outdated. I don't see an "Audit log" link in the sidebar.

0


Hi Johnny, welcome to the community!
 
To see the Audit log option, you need to click Account in the Admin Center sidebar first:
 
  1. In Admin Center, click the Account icon () in the sidebar, then select Audit log > Audit log.
 
 
 

0


Hi there,

 

Is there any way to delete the audit logs after a certain period - for instance after 365 days?

 

Thanks!

0


image avatar

Brett Bowser

Zendesk Community Manager

Hey Ema,
 
Our audit log lasts for the life of the account and will only get deleted if the owner cancels their Zendesk account. Here is a link to our Zendesk Service Data Deletion policy as well:
 
 
We also maintain detailed app-level logs for 30 days locally. 
 
Hope this answers your question!

0


Hey There,

I have a user who has a last login date as 07/27/2022 from the Users endpoint, but I am not able to see any login activity recorded in the audit log for the user on this date.

Could you explain me what could be the reason for this?

Is there any scenario where the user can login into Zendesk, but it is not recorded in the audit log?

Any information would be helpful.

Thanks!

0


image avatar

Dwight Bussman

Zendesk Customer Care

heyO Ak N

Whenever a user's email address is used to authenticate an API request, it sets the time of the API request as their "last login". Perhaps this is a person whose credentials are associated with an app/integration or making API requests of some sort? 

If you're not sure about that, you're welcome to contact support and we can try to find the cause in our logs. 

0


Hi,

Does the audit log includes failed login attempts and also account locked ?

Regards,

CS

0


image avatar

Thomas D'Hoe

Community Moderator

Hi Chin Sin,

Unfortunately, this is not included in the audit log. 

-1


I'm really frustrated to find out that fields and forms being deactivated are not recorded at all. I get literally HUNDREDS of useless entries a day about Zendesk destroying attachments, but not any of the stuff that I actually, really, really need to be logged. On top of that, I was informed that there's no record even on Zendesk's side of when a field was deactivated or who did it. 

2


Hi CJ, I see you've responded with a couple items of feedback in the Audit log - We want your feedback! thread -- that'd be the best place for this feedback as well. Thanks!

-1


Please sign in to leave a comment.