Audit Reports are a great way to keep track of what’s going on in your account. They enable administrators to monitor account activity ranging from file system actions and login events to changes in folder permissions.
Note that Audit Reports are not available to all customers by default; they are included as part of the Advanced Security Package. Please contact your Egnyte account manager for more details if you are interested in adding this package.
If enabled, you can find Audit Reports in the Reports Center of your account (go to Settings → Reports).
You can create five types of Audit Reports:
- File Audit
- Permission Audit
- Login Audit
- User Provisioning Audit
- Group Provisioning Audit
Note that audit trail activity older than 3 months will be purged automatically. This means you will not see activities beyond three months at any time in a completed audit report.
To address this, we recommend scheduling regular report queries or running them yourself frequently.
File Audit Reports
File Audit Reports provide information about the actions performed by each user on the files and folders in your account. You can track activities like uploads, downloads, previews, deletions, and more.
File Audit Reports can help answer questions like these:
- “Who has actually downloaded the regulatory guidelines that we asked all of our employees to read?”
- “How did our Projects folder get moved into the Marketing folder?”
- “What types of files are my users uploading to their Private folders?”
Permission Audit Reports
Permission Audit Reports let you see how folders on your Egnyte account have been shared over a given time period. Any changes made to folder permissions will be captured in a Permission Audit Report.
Permission Audit Reports can help answer questions like these:
- “Who gave this intern administrative rights to the Finance folder?”
- “Have there been any changes in permissions for the Fishnet Gaming project folder?”
- “When did we share the Product Requirements folder with that contractor?"
Login Audit Reports
Login Audit Reports let you monitor login information for all users in your account. All failed and successful login attempts from the Web UI, mobile apps, and FTP are captured.
Login Audit Reports can help answer questions like these:
- “Did anybody log in to our Egnyte account over the long weekend?”
- “Did our contractor ever reset his Egnyte password?”
- “Have any of our users been locked out of their Egnyte account?”
User Provisioning Audit Reports
User provisioning audit reports let you monitor the creation, update, and deletion of users in your Egnyte account. You can see details like who created or deleted a user, as well as timestamps and action sources (e.g. Web UI vs mobile) for each event.
User Provisioning Audit Reports can help answer questions like these:
- "When did we add the new board member to our account?'
- "Who deleted the contractors from our account?"
- "Did everyone change their passwords in accordance with our password rotation policy?"
Group Provisioning Audit Reports
Group provisioning audit reports let you monitor the creation, updates, and deletion of groups in your Egnyte account. You can see details like who created or deleted a group, as well as timestamps and action sources (e.g. Web UI vs System) for each event.
Group provisioning audit reports can help answer questions like these:
- "When did we add the new hire to the marketing group?"
- "Who created the group for external contractors?"
- "Did any users in the IT department make changes to groups in the last month?"
Saving or Scheduling Report Queries
You can save or schedule any audit report query. Saving a query can be useful if you regularly need to reuse a set of common criteria when creating an audit report. Scheduling a query adds an added benefit of automating the process of generating audit reports.
You can view any saved and scheduled reports from the Saved & Scheduled Queries tab in the Audit Reports section of your account.