Egnyte’s Group Provisioning Audit Report lets administrators monitor the history of group creation, updates, and deletion. This is beneficial if you want to see who created or deleted a specific group or generally track any changes in a group’s membership.
Like the other Audit Reports, the Group Provisioning report is available as part of the Advanced Security Package. The Advanced Security Package can be added as an optional bundle for Office customers and is included by default for Business and Enterprise customers.
Creating a Group Provisioning Audit Report
Start by finding the Group Provisioning Audit Report in the Reports section of the account.
The report request form will ask you to specify a few parameters; these are described below.
Report name: Give the report a name so that you can differentiate it from reports you run later. This field is mandatory.
Date range: Any group provisioning changes that took place within the specified date range will be captured in your report.
Performed by: The report form allows you to narrow your report to changes made by specific users or users within groups you specify. Alternately, you can choose “Any user” in this category to see group provisioning changes across your entire account.
Groups: You can use this field to specify a particular group or groups that you want to see changes for. Alternately, select "Any group" to see changes made to any of the groups in your account.
Actions: Similarly, you can narrow your report to specific group provisioning events. You can choose from: Create, Add users, Remove users, Rename, Delete.
A completed form might look like this:
Viewing Group Provisioning Audit Report Output
Once you click “Submit”, your report will be generated immediately. Keep in mind that larger reports can take a few minutes to prepare (depending on the volume of audit data that needs to be processed). In these cases, we’ll send an email like this to you when the report is ready:
Note: Since audit logs for user provisioning changes are captured periodically through the day, you may not see activity for the last few hours in your report.
The Group Provisioning Audit Report displays the following pieces of information:
- Date - the timestamp for the user provisioning change
- Performed by - which user or group performed the action
- Groups - which group or groups were affected by the action
- Action - the type of change (e.g. create, add or remove user, delete, etc)
- Action Info - what specifically was changed when the group was updated (e.g. which users were added or removed from the group)
- Action Source - which client was used to perform the action (e.g. Web or Mobile)