Manage activity logs of Organization's member
The Activity log is a powerful tool for administrators to monitor all significant events that occur within your organization's Oten account. It provides a detailed, chronological record of actions, the users who performed them, the targets of those actions, and their outcomes. Use it to enhance security, troubleshoot issues, and maintain compliance.
This guide will show you how to:
Navigate and understand the Activity log dashboard
Search and filter for specific events
View and interpret detailed information for each log entry
1. The Activity log overview
When you navigate to the Activity log from the main menu, you'll see a real-time list of all recorded events.
Each row in the log represents a single event and is organized into several key columns:
Time: The exact date and time the event was recorded by the system, shown in UTC/GMT.
Actor's time: The date and time of the event from the perspective of the actor's local timezone.
Severity: The impact level of the event (e.g.,
INFO,SECURITY,ERROR).Action: A brief description of what happened (e.g.,
Sign In,Assign Role,Gateway Forbidden Access).Actor: The user or system process that performed the action.
Target: The user, group, or resource that was affected by the action.
2. How to search and filter logs
To quickly find the information you need, use the powerful search and filtering tools at the top of the page.
Search by Actor or Target: Use the main search bar to find all activities performed by a specific user or on a specific target. Simply type a name or email to begin.
Filter by Date range: Click the Last 7 days dropdown to select a different time frame, such as the last 24 hours, last 30 days, or a custom date range.
Filter by Action:
Click the All actions dropdown to narrow down the log to specific types of events. You can scroll through the list or use the search bar within the dropdown to quickly find an action like "Export accounts" or "Update employee info."
Filter by Severity:
Click the All severity dropdown to focus on events of a certain impact level, such as SECURITY or ERROR, to investigate critical issues.
Filter by Result:
Click the All result dropdown and select Success or Failure. This is especially useful for troubleshooting, as filtering for "Failure" can help you quickly identify why a user was unable to perform an action.
You can combine multiple filters to precisely narrow down your search results.
3. Understanding the Activity log details
For a complete picture of any event, click on a row in the log to open the Activity log details panel.
The details panel provides a wealth of information, broken down into logical sections:
Basic info: The most critical summary of the event.
Action: The specific event that occurred.
Result: Whether the action was a Success or Failure.
Reason: For failed actions, this field provides a crucial explanation of why it failed (e.g., "Insufficient permissions for requested action").
Description: A more technical description of the event.
Actor: Information about who performed the action.
Actor display: The name of the user or system.
Actor IP: The IP address from which the action was performed.
Location: The geographical location associated with the IP address.
User agent: The browser and operating system used by the actor.
Target: Details about the object that was affected by the action.
Target display: The name of the user, group, app, or system that was targeted.
Change set: For actions that modify data (like updating a user profile), this section is invaluable. It shows:
Name: The field that was changed.
Before: The value of the field before the change.
After: The value of the field after the change.
(Note: This section will show "No change set found" for actions that do not modify data, such as a sign-in event).
Technical metadata: Contains unique identifiers for the event. This information is extremely helpful for advanced troubleshooting or when you need to contact support for assistance. It includes the
Event ID,Request ID, andOrganization ID.
Last updated