Welcome to
Help Desk

Product Updates
Ideas Contact Support

Login Audit Report


The Login Audit Report provides audit information for each user that has logged in or attempted to log into your Egnyte domain, so you can quickly spot suspicious activity. In this article, we'll describe how to pull a Login Audit Report, the different parameters you can search for, and what's includes in each report. 

Audit Reports are available for Business, Enterprise Lite, or Enterprise "platform" plans. Reports can be accessed by Admin Users, and Power Users who also have the role can run reports

Run a Report

From the Reports Center, expand the Audit section and select Login Reports.


Click on the + New Report button to begin. You'll need to name the report and choose the parameters for the report.


Once all the parameters for the report are chosen, click on the Submit button to submit the report.


  • Date range: Narrow down auditing by activity date.

    Egnyte purges all audit logs older than 3 months, so you cannot run a new report for data older than 3 months. If you would like to be able to save data older than 3 months, please review the Save or Schedule Audit Reports article.

  • Access type: Specify the interface through which the user accessed Egnyte. The report provides information for access from the Web UI (browser), mobile devices, and FTP.

  • Events: Choose if you want to view any event or specified events from the following list: Login, logout, account lockout, password reset, failed attempt, accepted terms of service, and declined terms of service.

  • Users: Choose the users or groups whose activity you wish to view.

Login Audit Report Output

When you submit any audit report, you will receive an email and alert within a few minutes letting you know that the report is ready for viewing. If it's a smaller audit report, you'll have access to it right away. 

Since audit logs for file activity are captured periodically throughout the day, you may not see activity for the last few hours in your report.


The login audit report displays the following information:

  • Date: The date and exact time of the login attempt.
  • User: User whose login activity you are viewing.
  • Access: Access point of the login.
  • IP Address: IP address from which your Egnyte file server was accessed.
  • Event: Reflects the event type.
  • Logout Time: The date and exact time of the logout events.


Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.