Audit Log

About Audit Log

Home > Settings > Administration > Audit Log

The Audit Log is a log of the critical activities done by the admin through the Netskope UI. This log will help you track the activities done in the Netskope UI.

Note: You need administrative privilege to view the Audit Log.

The Audit Log contains the following information:

  • The date and time that an activity happened.
  • The email address of the admin who performed the activity.
  • The severity level of the activity.
  • The additional activity details.


About Filters

The filters allow you to search the log for activities based on severity, log type, and whether or not the user is Netskope personnel.

The following is a comprehensive list of all the filter menu options for the Audit Log:


Severity Levels:

  • High
  • Medium
  • Low 
  • Info

Log Type

Log Types:

  • Access Denied
  • Login Failed
  • SSO Login Failed
  • Logout Successful
  • Admin logged out because of successive login failures
  • Login Successful
  • SSO Login Successful
  • Password Change Failed Attempt
  • Password Change Successful
  • Created new admin
  • Added SSO Admin
  • Edited SSO Admin Record
  • Created new support admin
  • Edit admin record
  • Deleted admin
  • Enabled admin
  • Disabled admin
  • Unlocked admin
  • Updated admin settings
  • Enabled Netskope Support SSO
  • Disabled Netskope Support SSO
  • Deleted Netskope SSO admin
  • SSO Login Successful by Netskope Support
  • SSO Login Failed by Netskope Support
  • Resend Verification Email
  • Reset password
  • Request OTP for Account Verification
  • Account activation link validation failed 
  • OTP validation failed
  • Account Verification Successful
  • Created new inline policy
  • Edited inline policy
  • Deleted inline policy
  • Pushed inline policy
  • Set dedicated egress ip policy
  • Created new rbi template
  • Edited rbi template
  • Deleted rbi template
  • Pushed rbi template
  • Update default actions for inline policies
  • Pushed tunnel groups
  • Created new tunnel group
  • Edited tunnel group
  • Deleted tunnel group
  • Applied Phoenix policy record(s)
  • Created new introspection policy
  • Edit introspection policy record
  • Deleted introspection policy
  • Pushed Introspection policies
  • Created retro scan

Netskope Personnel

Netskope Personnel:

  • Yes
  • No

Date Range Filter

You can also use the date range filter to view the activities that occurred within a specific date range.

To use the Date Range Filter:

  1. Click the date range filter button in the top-right corner of the Audit Log page to view the date range menu.
    • Note: The default setting is Last 7 Days.
  2. Select from the standard date range options, or click Date Range on the bottom of the menu to select a customized date range.
  3. Your selection will be applied instantly if you select from the standard date range options. If you want to view your customized date range selections, you must click the APPLY button.

Save Filters

You can save your preferred filter selections. To save your filter selections:

  1. Open the dropdown filter menu by clicking the Rbi Add Filter.jpg button.
  2. Select your filters.
  3. Click the Save Filter The Save Filter Icon. icon to open the Save Filters window.
  4. Enter a name for your saved filters in the Enter Filter Name field.
  5. Click the SAVE button to save your filter selections.

Manage and View Saved Filters

To view your saved filters:

  1. Click the FILTERS button to open the saved filters menu.
  2. Click a saved filter to view it.

To manage saved filters:

  1. Click the FILTERS button to open the saved filters menu.
  2. Click the MANAGE SAVED FILTERS button.
  3. Manage your saved filters by:
    • Click the pencil icon to change the name of the saved filters.
    • Click the share icon to share the saved filters with others.
    • Click the trashcan icon to delete the saved filters.


You can export data from the Audit Log. To export:

  1. Click the EXPORT button to open the Export menu.
  2. Choose the columns to export.
  3. Choose the number of rows to export.
  4. Select the export name.
  5. Click the EXPORT button to export the data.

Customize Columns

You can customize the columns to enable or disable the following columns:

  • User
  • Severity
  • Activity

To customize columns:

  1. Click the Uebagearicon.pnggear icon to open the Customize Columns menu.
  2. Disable or enable columns:
    • Disable: Uncheck the box next to the associated column’s name. When a box is empty, without a checkmark, the column is disabled.
    • Enable: Click the empty box to add a checkmark. A column is enabled when the box next to the column’s name is blue with a checkmark inside.
  3. Your changes to disable or enable columns will be applied instantly.
Note: Click the RESTORE DEFAULT button to restore the columns to the default settings.
Share this Doc

Audit Log

Or copy link

In this topic ...