Audit Trail Search
The Audit Trail Search will only be accessible to administrators. An administrator can access the Audit Trail Search from the Organisation menu
Ensure you have the correct organisation selected if you administer multiple organisations (3)
Advanced Search Features
By default a search bar will allow a phrase to be added which will search across the Events, Detail and User Name fields.
An administrator can then also chose to use the advanced search to apply more specific search criteria.
Using the advanced search criteria the administrator user can:
Date within - allows a period of time and a date in the centre to be applied. This creates a date range. If the date selected is 14th December and the range is 1 week then the date range searched for is 7th December - 21st December inclusive.
Event - this will be across the defined list of options.
Detail - this should be free text. It might be used to find a specific entry that was made.
User Name - if a user is under investigation then this will be used to search for their activity. This should match on the User ID, user Full Name and Email Addresses to locate the relevant user to search on.
Source - a short dropdown list of the options from the above table.
Descriptions for the different entries
|Organisation Events||Update organisation settings||Review the changes of organisation settings|
|Update organisation details||Review the changes of organisation details
|Add/ Remove domain||Review the changes of adding/ removing domain
|Change VAR status||Review the changes of VAR status|
|Add new organisation||Review the changes of adding new organisation
|Change organisation whitelist||Review the changes of organisation whitelist
|User Events||Add user to organisation||Review the changes of adding new user to the organisation
|Update user details||Review the changes of user details
|User login||Review the records of user login
|User login failed||Review the records of user login failed
|User logout||Review the records of user logout
|Change password||Review the records of changing password|
|Login failed - User unknown||Review the records of unknown user login failed|
|Password reset successful via email||Review the records of resetting password via email|
|Password reset request via email||Review the records of resetting password request via email|
|First email setup||Review the records of first email setup|
|Change user whitelist||Review the changes of user whitelist
|API access token created||Review the records of creating API access token|
|API access token deleted||Review the records of deleting API access token
|Login locked out||Review the records of login locked out|
|Archive Events||Flag email as spam||Review the records of flagging email as spam|
|Spam email release||Review the records of releasing spam emails|
|Archive search||Review the records of archive search|
|View email||Review the records of viewing email|
|Download email||Review the records of downloading email|
Audit Trail Search Results
Audit Trail Detail View
Each cell will contain a complete record. Left hand side ‘before’ and right hand side ‘after’ the change. This way each row will be a new entry. If there’s only one record then it’s just one row.
Sharing Log Details
If you are investigating when a change was made and you wish to share the Audit Trail Detail with another Mailsphere administrator, you can simply copy and paste the URL and they will be able to view the data you have located.