Please update the content of the audit log available for enterprise customers to include details on the creation, modification, deletion, and enable/disable for targets in ZenDesk. Also add my voice to those asking that the audit logs be made available in real-time in machine-readable form, using webhooks for example.
Hey folks, thanks for continuing to keep this thread alive and adding your feedback and events that you'd like to see in the Audit log - it's been tremendously valuable. We now have a team dedicated to working on Audit log so we're ready to make some great progress on this feature 🎉 There are two themes we're working towards:
- The data in the Audit log needs to be easy to find. This means better filtering capabilities and allowing you to find the event you're looking for faster.
- The data needs to be there to find. This means closing the gaps on events we know, and you know, are missing and need to be added (focusing initially on Support). We're partnering with several teams to get those events in, currently working on User profile updates and Organisation updates which we're targeting in the next few months.
Then there's the bigger project of moving onto the other products and make sure the Audit log captures all create, update and delete events in your account.
Appreciate all your feedback on this topic.
I would also like to see changes to groups in the audit log! (or basically any change you can do to Zendesk settings (i.e. not tickets).
Yes please. It would be great to see more logging, like activation/deactivation/changes of organisation fields, user fields, ticket fields and so.
yes yes yes
audit log is useful to some degree but does not include some crucial info.
we would like it to include literally everything you can't find in "show all events" in a ticket.
And the ability to export it.
Searching in the audit log would be impressive, right now it's a giant hot mess that can't be meaningfully sorted. We have over 200k end users and over 130 agents - being able to audit and investigate issues as they come up would be a huge time saver.
EDIT: Did some math. We currently have 1940 pages of audit logs after being live for about 2 months. There's about 100 records displayed per page. That's almost 200k audit records. Why do we need a developer to be able to do a basic search through this data?!
An easy audit GUI with more filtering and data is essential for larger enterprise clients.
As others have mentioned these are big points
More types of data
- All standard/custom organization fields for sure, user and ticket would be a nice to have
Zendesk settings changes
- Groups, roles, security settings, etc.... as our admin team grows this is becoming more important
- Being able to choose a specific users, organizations, agents, change types etc would all be great.
Adding my 2c to this because it looks like there's currently no audit logging (or displaying) for when changes are made to the SLAs. Had to track down someone who had access to change the settings, and ended up asking support to go though the logs for me (not an efficient use of support's time IMHO).
I'm sure there's other things that need to be addressed, but I just wanted to add this one to the list given that it's missing (and a feature that Zendesk has been rolling out for quite a while given that they are sunsetting the old SLAs very soon. It's somewhat disappointing that the new feature didn't have writing to a customer's audit log as standard as the new feature was implemented!)
Can we also have the ability to see end user profile changes in the audit log, specifically email address changes, which I believe is excluded? If the downside to that is too much data is displayed could we have a filter to remove them if necessary?
As changes to end user profile can affect customers, it would be really useful too see changes made to their accounts.
I agree with Abdul!
Even an option to pull a full extract from the audit log page or even in the Reports section of Support would be a super helpful start.
While having to pull this from an API and parse the JSON is an option when troubleshooting as an admin, these are extra steps that an auditor may not like to see if any sort of investigation is underway. This is becoming more and more important as we need to ensure we are in compliance, both federally and that of our internal teams.
I agree. There should be a native option to work with the data. Even a simple search or export to .csv would be better than what we have now.
Seconding this... mostly everything from everyone here :)
Agree with Abdul & Heather above, we need to know when user records are manually modified by agents. We had to grant permission to a user group to edit user/org for one very specific scenario. Unfortunately, your edit permission is for ALL fields on user/org and agents mis-use it and manually modify email addresses which they should not do.
Need a tool with information to help the administrator troubleshoot the system.
We have 3 system admins and sometimes I do not know why certain things happen and need to look for which admin do what at when.
Currently audit log is useless. It does not capture who create a group, who make changes to a user field, who did what and when. And no searching or filtering capability make it hard for us to get the information faster.
+1 for the ability to export without an API
I'd like to highlight the need to include user-level mergers in the audit
+1 for auditing all admin changes, including fields, forms, groups. And to be able to export results.
Hi, are there any logs for changes in Guide/HC?
Also, any plans to have any kind of auditable data for Chat? And/or usage data like for triggers, e.g. by accessing https://example.zendesk.com/api/v2/triggers.json?include=usage_30d
Please create a Audit log acording to your product category. Logging group changes, hability to search and export, etc....
Auditing is useful, but it would be nice if it included more data. It would be nice to know who is creating/modifying/deleting forms and fields.
We would also love to see any changes made to the widget settings in the auditlog! :-)
Any change should be logged and accessible, this is mandatory to have for all the Zendesk admins!
I second the motion - An easy audit GUI with more filtering and data is essential for professional and enterprise clients.
We should be able to capture and track all changes made to End User data - email, organization, etc,.
Again, I think this is basic call center management features and a simple request that should not require the clients of Zendesk to exert crazy amounts of time to figure out work-arounds.
Recently we noticed that some users that were suspended have become unsuspended however we do not have any entries in the log. This is very serious as these users need to remain suspended. We have no way of identifying who performed this action. Please consider improving the log and the ability to retrieve information from it without just merely scrolling through.
I agree with all of the above. The full audit log should contain actions on groups, user fields, ticket fields, forms and all that can be changed/create/delete.
The full audit log can be accessible to download only, not necessary to add it to an existing audit log.
Yes to all of this!
Building out the audit log to include User / Organization changes and to be searchable would help tremendously. Not only would it help us, but it would also help your team troubleshoot issues. Win, win!
With the changes to the audit log now showing succesfull log ins, this causes the audit to be overloaded with agent log-ins especially when we have over 800!
Is there any plans on making the audit more searchable so you can filter for the type of change that was made?
It's quite noisy, you're right. Search/filter/sort is the next piece of functionality we want to introduce so it's at the top of the list.
Would love to hear what kind would be useful to you if you're open to sharing!
Thanks for acknowledging how noisy this is. Since this was enabled, each day has about 4 pages of audit log entries just for sign ins alone. it's taken an already bad experience to worse.
Glad to hear this is finally getting looked at, thank you!
For us, at a minimum, we need to be able to search/filter (inclusively and exclusively) by
- Event Date/Time (exact match, or range)
- Actor (searchable dropdown like we have in tickets, perhaps?)
- IP Address (text field)
- Type (Created, Updated, Audit, Apps)
- Item Changed (Ex: New Organization, Macro Created, Macro Updated)
- Item Changes (this one could be tricky but being able to search for any changes made to any macros using FIELD X would be great at scoping out how some changes were made.
- Ability to jump to a specific page number (even if just by query parameter in the URL
Thanks for considering!
Please sign in to leave a comment.