You’ll find an audit log under the Manage Administration service that shows who performed what actions against which object. Here’s how it looks:

Filtering and sorting the audit log

Apply filters to the log using fields in the top row.
You can also sort the data by clicking on a column name. If the audit log is currently being sorted by a certain column, a line displays above the column name (shown below). Click the column name again to reverse the filter.

A Hide/Show System Events button displays above the audit log. Click this button to filter for only user-generated events.

Audit log contents

Here’s a description of the contents of each column:

Field Description
Action The action that was performed
Changes Shows details of what was changed. For example, showing a phone number changed from 555-5555 to 444-4444.
Affected object The resource the changes were performed against
Tenant The tenant affected by the changes
Submitter The user who initiated the event
Submitter IP The IP address of the user who initiated the event
Event type Shows whether the job is completed, errored, running, etc.
Submitted Date and time the job was initiated

Video overview

Here’s a video showing the audit log:

Audit log in action (videos)

Here’s a video showing how the audit log might look after a delegated administrator changes a user’s display name:

And, here’s how it might look if you use the audit log to find out when a certain action (like a reset password) took place:

Print Friendly, PDF & Email