The Group Provisioning Audit Report includes a breakdown of the creation, update, and deletion of groups in your Egnyte account. It’s a good option when you need to see who created or deleted a group or generally track any updates to your group's permissions or members. You'll learn how to run a Group Provisioning Audit Report, what each parameter does, and what's included in the report.
Note: Audit Reports are available for Office plans or higher who have purchase the Advanced Security Package.
If you'd like to learn more, our Reports & Auditing Overview article covers all of the reports available to you.
Run a Report
From the Reports Center, expand the Audit section and select Group Provisioning Reports.
Click on the + New Report button to begin. You'll need to name the report and choose the parameters for the report.
You may select one or more parameters to narrow down the file and folder activity you would like to view.
- Date range: Narrow down auditing by activity day or date range.
Note: Egnyte purges all audit logs older than 3 months.
- Performed by: Narrow your report to changes made by specific users (Selected users) or Users in selected groups. Alternately, you can choose Any user to see user provisioning changes made by all users in your account.
Note: If you leave the box checked for Include system actions, actions completed by the system will be included in the report.
- Groups: See what groups had information changed.
- Actions: View specific group provisioning events. You can choose from: Create, Add users, Remove users, Rename, Delete, Add Owner, and Remove Owner.
When you select multiple parameters, the report will generate results matching all of them.
Group Provisioning Audit Report Output
When you submit any audit report, you will receive an email and alert within few minutes letting you know that the report is ready for viewing. If it is a smaller audit report, you'll have access to it right away.
Note: Since audit logs for file activity are captured periodically through the day, you may not see activity for the last few hours in your report.
The user provisioning audit report displays the following information:
- Date: Provides the time stamp of the user provisioning change.
- Performed by: The user who performed the provisioning action.
- Group: Which group the action was performed on.
- Action: Indicates the type of change (e.g. Add users, create, delete, etc.) that occurred.
- Action Info: If more information is available from the action, it will be displayed here. For example, if the action is Add Users, the Action Info will provide the user information for all users that were added to the group.
- Action Source: Where the described action was made (e.g. Web UI, Mobile, etc.).