You are here:
Account Manager Audit Log Events
Log Center publishes audit log events for Account Manager, including changes to users, API clients, and organizations. Use filters and keyword searches to track specific field changes or action events within a selected time frame.
Audit events are available in Log Center for 90 days, after which they're automatically deleted.
Before You Begin
Access to audit events depends on your role:
- Log Center External Administrator role: View all audit events across the organizations that you belong to.
- All other users: View audit events related to your own account, including events where you're the target or the actor.
To view entity details linked from audit events, you also need the Account Administrator or Read-Only Account Administrator role in Account Manager.
Access Account Manager Audit Log Events
- Open Log Center from a browser or from Business Manager. For details, see View Log Center.
- In Log Center, select Account Manager Audit from the Events tab.
- Open Log Center from a browser or from Business Manager. For details, see View Log Center.
- In Log Center, select Account Manager Audit from the Events tab.
Understand Key Fields
Target ID
The Target ID identifies the Account Manager entity that was modified. Targets can be a user, an API client, or an organization.
For security, Log Center shows only IDs, not email addresses. Select the provided link to view full details in Account Manager.
Actor ID
The Actor ID identifies the entity that performed the action. Actors can be a user or an API client. Select the provided link to view full details in Account Manager.
SystemUser is a special actor that represents automated background actions, such as scheduled processes or system-triggered updates, that occur without direct user intervention.
Organization context
Filter by organization name to view changes to entities belonging to that organization and changes to the organization itself. This filter is most useful if you're an admin in multiple organizations.
Event attribution
- User changes: Changes to a user are attributed to the user's primary organization, regardless of which organization context the change was made in.
- API client changes: Changes involving an API client are attributed to each organization that the API client belongs to. If the API client belongs to multiple organizations, the same event can appear in multiple organizations' audit logs.
Filter Audit Events
| Filter | Use |
|---|---|
| Target Type | Filter by entity type: user, API client, or organization. |
| Actor Type | Filter by actor type: user or API client. |
| Event Type | Filter by action type, such as create, update, delete, or role assignment. |
| Role Assignment | Filter by the role involved in a role assignment or role tenant filter change. |
| Organization Membership | Filter by the organization involved in a membership change. |
To filter by tenant or to search for text within event messages, use the keyword search bar. There's no dedicated tenant filter, so keyword search is the recommended approach for tenant-level queries.
Common Use Cases
Audit user role changes
To track all role assignments for users in a specific organization:
- Filter by Organization Name and select your organization.
- Filter by Target Type and select User.
- Filter by Role Assignment and select the role that you want to track.
The results show all users who were assigned or removed from the selected role.
Monitor API client activity
To review actions performed by a specific API client:
- Filter by Actor ID and select the API client ID.
- Optionally, filter by Organization Name to scope the results to a specific organization.
Review the Event Types filter to see which actions were performed.
Audit organization-level changes
To monitor changes to organization settings:
- Filter by Target Type and select Organization.
- Filter by Organization Name and select your organization.
The results show all changes to the organization's configuration.
Find events for a specific tenant
To find all events related to a specific tenant filter, enter the tenant identifier in the keyword search bar.
Search by keyword or field value
To search for specific field values across all events, use Log Center Query Language (LCQL). (LCQL).
- Select LCQL at the top of the page.
- Select a field and enter the value to search for in the parentheses.
- For role names, enter each role name as it appears in the Account Manager roles documentation.
- To add more field conditions, type a space, choose AND or OR, then select the next field.
- Select Search.
