Overview
The Okta Admin Audit Trail provides a comprehensive, chronological record of all administrative modifications made within the Druva environment. By capturing every change to activity settings, Druva ensures full transparency and accountability. This feature allows Administrators to pinpoint exactly who made a change, what was altered, when it occurred, and where the change was applied.
Note: Currently, only Admin Audit Trails are supported for Okta.
Key Benefits
Enhanced Visibility: Okta Audit Trail in Druva provides a clear oversight of all system configuration changes to maintain environment integrity.
Rapid Troubleshooting: Administrators can use the audit trail to quickly identify and revert unauthorized or accidental setting adjustments.
Access Okta Admin Audit Trails in Druva Cloud
To view the Audit Trail within your Okta environment, follow these steps:
Log in to the Druva Cloud Platform Console.
Open the Global Navigation (hamburger icon) in the top-left corner.
Navigate to All Services > Identity> Okta.
From the top navigation bar, select Bell Icon> Admin Audit Trail.
Viewing Admin Audit Trails
The Okta Admin Audit Trail page provides a centralized view of all configuration changes and administrative actions. This log is essential for maintaining a secure and transparent record of system activity.
Understanding the Audit Log Interface
The audit interface is designed for clarity and quick navigation:
Details List: Provides a descriptive summary of the action performed (e.g., "initiated backup," "enabled backup," or "reconfigured").
Deep-Link Navigation: Text highlighted as a hyperlink within the Details column allows you to click through directly to the specific resource for a more granular understanding of the activity.
Time: Displays the precise timestamp (Date and Time) when the activity was executed, ensuring an accurate chronological history.
Note: Most administrative actions are captured; however, the specific activity of downloading a JSON file from the Jobs page (the dashboard where backup/restore task progress is monitored) is not recorded in the Okta Admin Audit Trail.
Filtering the Trail
To find specific events quickly, use the Filter icon (located at the top right of the table) to narrow down records by specific criteria.
Download Administrator Activities
You can export the list of administrator activities in either HTML or CSV format for external auditing or reporting.
On the Admin Audit Trail tab, click the Filter icon.
In the Time Period section, select the desired duration and click Apply.
Click Download as CSV or Download as HTML.
The file will be saved directly to your local computer.
Admin Audit Trail Report Details
The following table defines the fields included in an exported Okta Admin Audit Trail report:
Field | Description |
Generated | The date and timestamp when the report was created. |
Activities | The specific activity type for which the report was generated. |
Administrators | The name of the administrator who performed the activity. |
Interval | The time period selected for the report. |
Time Zone | The time zone associated with the generated data. |
Admin Audit Trail | The audit trail for which the report is generated. |
Administrator Name | Name of the individual admin. |
Activity | The specific action type selected/performed. |
Details | Detailed description of the configuration change or task. |
Time | The exact timestamp of the activity. |
Configure Audit Trail Retention Policy
Audit trail records are preserved based on your retention policy. By default, the retention period for administrator logs is 30 days.
Available Time Period options:
Today
Last 7 Days
Last 30 days
Last 3 months
Last 6 months
Last 1 year
Ever
Change the Default Retention Period
From the top navigation bar, navigate to Settings > Endpoints & SaaS Apps Settings.
Locate the Audit Trail Retention Policy section and click Edit.
In the Retain admin audit trail for dropdown, select your preferred duration.
Click Save.