Egnyte’s User Provisioning Audit Report lets you monitor the creation, update, and deletion of users in your Egnyte account. It’s a good option when you need to see who created or deleted a specific user or generally track any updates to your users’ personal details.
Note that Audit Reports are not available to all customers by default; they are included as part of the Advanced Security Package. Please contact your Egnyte account manager or reach out to us here if you are interested in adding this package.
Creating a User Provisioning Audit Report
Start by finding the User Provisioning Audit Report in the Reports section of the account.
The report request form will ask you to specify a few parameters; these are described below.
Report name: Give the report a name so that you can differentiate it from reports you run later. This field is mandatory.
Date range: Any user provisioning changes that took place within the specified date range will be captured in your report.
Performed by: The report form allows you to narrow your report to changes made by specific users or users within chosen groups. Alternately, you can choose "Any user" to see user provisioning changes made by all users in your account.
Subjects (users whose accounts had changes): Similarly, you can narrow the report to look at changes made to specific users or users within chosen groups. Again, you can choose "Any user" here to see user provisioning changes that were made to all users in your account.
Actions: You can also narrow your report to specific user provisioning events. You can choose from: Create, Update, Disable, Delete, Enable, Password Change, and Password Reset.
A completed form might look like this:
Viewing User Provisioning Audit Report Output
Once you click “Submit”, your report will be generated immediately. Keep in mind that larger reports can take a few minutes to prepare (depending on the volume of audit data that needs to be processed). In these cases, we’ll send an email like this to you when the report is ready:
Note: Since audit logs for user provisioning changes are captured periodically through the day, you may not see activity for the last few hours in your report.
The User Provisioning Audit Report displays the following pieces of information:
- Date - the timestamp for the user provisioning change
- Performed by - which user or group performed the action
- Subject - which user or group the action was performed on
- Action - the type of change (e.g. create, update, delete, etc)
- Action Info - what specifically was changed when a user or group is updated (e.g. email address, first name, etc)
- Action Source - which client was used to perform the action (e.g. Web or Mobile)