English (US)
  1. Zendesk help
  2. Support
  3. Using Support ticketing system
  4. Security and user access in Zendesk Support

Viewing the audit log for changes

Jennifer Rowe
  • Edited
Zendesk Documentation Team

What's my plan?

Suite Enterprise and Enterprise Plus

Fastpath: Admin Center > Account > Audit log > Audit log

The audit log shows various changes in your Zendesk account since the account was created. It saves a record of these changes indefinitely, and you can view the entire change history. You can view the audit log in Admin Center or via the Support API.

This article contains the following sections:

About the audit log changes

There are two key things to understand about the audit log: the types of changes captured and the details provided for each log entry.

Changes captured in the audit log

The audit log shows changes to the following areas:

  • Account information and settings
  • Users
  • Apps
  • Web Widget
  • Business rules
  • Ticket settings
  • Organizations

Audit log entries

For each entry in the audit log, the following information is included:

Column Description
Time Time and date the event occurred
Actor User or system that caused the event
IP address IP address of the user who caused the event
Item Object changed by the actor
Activity type Type of action for the event (Created, Updated, Deleted, Exported, or Signed in)
Activity Details about the event

In the Zendesk API and Zendesk Support, audit log timestamps appear in Coordinated Universal Time (UTC). In Admin Center, audit log timestamps are shown in your account's time zone. See Setting your account's time. If you are unsure of what time the audit log is using, hover your mouse pointer over the information icon in the Time column heading.

Viewing the audit log in Admin Center

From the Audit Log page in Admin Center, you can view the audit log as a whole, sort the log by time, filter the list, or export a copy of the log.

To view the audit log
  • In Admin Center, click Account in the sidebar, then select Audit log > Audit log.

Filtering the audit log

Often, only part of the picture is available when you visit the audit log. For example, you might know when something changed (but not what) or who changed something (but not when). Since the audit log can include a large volume of events, filtering makes it easier to find what you’re looking for.

While top audit events are available as filters, not all event types can be filtered. Additional audit events will be added over time.

Tip: If you repeat the same audit log filters, bookmark them in your web browser after you apply them. The filter displays in the URL.

To filter the audit log

  1. In Admin Center, click Account in the sidebar, then select Audit log > Audit log.
  2. Click the Time column to sort the entries by date.
  3. To use more filters, click Filter.

    Additional filters appear in a side drawer.

  4. To find entries within a specific date range, enter a Start date and End date.

  5. Enter a name in the Actor field to filter by the people or systems responsible for the activities.

  6. Select an Activity type to filter entries by the action type (Created, Updated, Deleted, Exported, or Signed In).
  7. Use the filters in the Item section to filter by a specific setting, user, or business rule that has changed.
    1. In the Type field, select or search the generic item type you want to filter by (for example, "Trigger").
    2. In the Names field, select or search for the specific items you want to filter by (for example, the trigger named "Notify assignee of comment update").
  8. Click Apply filters.

Exporting the audit log

You can export a CSV formatted copy of the audit log. If you filter the list before starting the export, the CSV file is also filtered this way. The exported copy is emailed to your primary Zendesk email address.

To export a copy of the audit log

  1. In Admin Center, click Account in the sidebar, then select Audit log > Audit log.
  2. Filter the audit log as needed.
  3. Click Email CSV.
Return to top

73 Comments

  • Dave Dyson
    Hi CJ, I see you've responded with a couple items of feedback in the Audit log - We want your feedback! thread -- that'd be the best place for this feedback as well. Thanks!
    -1
  • Katie McCormick

    Does the Audit Log show changes made to reports or dashboards in Explore?

    We're preparing to train some new Editors and it would be helpful if we could see what they changed in a particular report or dashboard for troubleshooting purposes. 

    0
  • CJ Johnson

    Katie McCormick It does not, you can upvote the feature request for it here though: https://support.zendesk.com/hc/en-us/community/posts/4408860640410-Explore-Audit-Log-with-list-of-changes


    0
  • Jacob Hill

    Hello! Is there a way to offload the audit logs to a SIEM, specifically Azure Sentinel?

    0
  • Gabriele Biella

    Hi,

    I'm using the Audits API to fetch some data from the "history".

    But, when a ticket is created from the WhatsApp channel the "history" field is empty.

    I expected to find at least the first message from the customer who contacted the helpcenter via WhatsApp.

    It seems that the conversation data is added to the history only after the agent modifies the ticket, is correct? is this the correct behavior?

    Thanks

     

    0
  • Andrew Lundy

    I don't see the Audit Log option anywhere in Zendesk Admin. (I am the account owner).

    0
  • Dwight Bussman
    Zendesk Customer Care

    HeyO Andrew Lundy - that option will only appear in accounts on our Enterprise plan. If your account has that plan-level and you're still not seeing it, please contact support to look into that more closely.

    0
  • Kim Dickey

    I see that the audit log tracks when a help center is *deactivated* but not when it is activated, which is the information I'm trying to find out. Is there any way to track down this information or am I missing it as an event not tracked under the "Brand" type? 

    0
  • Max McCal
    Zendesk Product Manager

    Kim Dickey – Guide events are something we're focussed on this year. While we don't currently track Help Center activations and deactivations, you will start to see them in Q2 of this year. 

    0
  • Jake Warren

    Hi Dwight Bussman,

    I'm having trouble getting the results that I expect. Can you help me understand how I would filter to see any and all history for a specific end user? I want to see when it was created and by who, as well as any future updates/changes and by who (and when of course). I'm not able to get this.

    Thanks,

    Jake

    0
  • Viktor Osetrov
    Zendesk Customer Care
    Hello Jake Warren,

    At this moment we have the option to check the activity timeline for specific users. 
    Please follow for that -> Announcing the new Customer Profile Page and Activity Timeline open beta

    If it's not enough please feel free to create a ticket with us.

    Thank you
    0
  • Nobuhiro Kobayashi

    Does the audit log exclude Zendesk Explore activities?

    0
  • Joyce
    Zendesk Customer Care
    Hello Nobuhiro,
     
    Explore changes are not captured in Audit logs. I've taken a look and found that other users are discussing similar needs here: Explore - Audit Log with list of changes

    You can up-vote that original post and add your detailed use-case to the conversation. Threads with a high level of engagement ultimately get flagged for product managers to review when they go through roadmap planning.
    0

Please sign in to leave a comment.

More about

Related articles

Powered by Zendesk