You can generate a report of audit events that you specify.
Audit event reports can be useful as a method of troubleshooting.
- In the Workspace ONE Access console, select
- Select audit event criteria.
Audit Event Criteria Description User Select this text box to narrow the search of audit events to those generated by a specific user. Type This drop-down menu allows you to narrow the search of audit events to a specific audit event type. The drop-down menu does not display all potential audit event types. The list only displays event types that have occurred in your deployment. Audit event types that are listed with all uppercase letters are access events, such as LOGIN and LAUNCH, which do not generate changes in the database. Other audit event types generate changes in the database. Action This drop-down menu allows you to narrow your search to specific actions. The list displays events that make specific changes to the database. If you select an access event in the Type drop-down menu, which signifies a non-action event, do not specify an action in the Action drop-down menu. Object This text box allows you to narrow the search to a specific object. Examples of objects are groups, users, and devices. Objects are identified by a name or an ID number. Date range These text boxes allow you to narrow your search to a date range in the format of "From ___ days ago to ___ days ago." The maximum date range is 30 days. For example, from 90 days ago to 60 days ago is a valid range while 90 days ago to 45 days ago is an invalid range because it exceeds the 30-day maximum.
- Click Show.
An audit event report appears according to the criteria you specified.Note: At times when the auditing subsystem is restarting, the Audit Events page might display an error message and not render the report. If you see such an error message about not rendering the report, wait a few minutes and then try again.
- For more information about an audit event, click View Details for that audit event.