Overview

The Admin Audit Trails page gives you an insight into all administrator activities performed on the Management Console. This page lists each activity and provides the corresponding details over a specified duration. The page also provides various filters to list the activities based on your selection. For example, you can use the filters to list the activities specific to a resource, entity, action, organization, administrator, and time. You can also use the Admin Audit Trails page to generate a custom report based on the populated activities. For more information about the Audit Trails Report, see Admin Audit Trails Report.

Access path

On the Management Console, select the Manage menu from the top navigation menu.
Click Audit Trails.
The Admin Audit Trails page opens.

Field Description

The following table describes the fields on the Admin Audit Trails page.

Field	Description
Administrator	The name of the administrator who performed the action.
Action	The action performed by the administrator. For example, Create, Update, Delete, Login, Backup Now, and so on.
Entity Type	The type of the Druva entity on which the administrator performed the action. For example, Admin Group, Backup Set, Billing Cost Code, Admin, and so on.
Entity Name	The name of the Druva entity on which the administrator performed the action.
Resource Type	The type of the Druva resource associated with the entity. For example, Files, MS-SQL, CloudCache, VMware, and so on. If an admin creates the My_config_rule entity of type VM Auto Config Rule, the resource type of the entity is VMware.
Organization	The name of the organization to which the entity is associated with. The actions performed on the global dashboard, such as SSO settings, cost allocation, and so on, are accounted under All Organizations. 📝 Note The Organization* column is displayed only if organization is enabled.*
Time	The timestamp of the action performed by the administrator.

Admin Audit Trail filters

Druva provides a wide array of filters to view details of the administrator activities on the Management Console. The filters can be applied concurrently along with the Duration filter to fetch the Audit Trail Report on the Admin Audit Trail page. For more information about the Audit Trails Report, see Admin Audit Trails Report.

The following screenshot illustrates a sample selection for a VMware resource.

Druva provides the following audit trail filters to view administrators' activities.

Filter	Description
Resource Type	The type of Druva resources. The resource list includes File Servers, MS-SQL, NAS, VMware, Hyper-V, CloudCache, Disaster Recovery, Configuration, Billing, Device Config, and Snowball Edge, Oracle, Oracle DTC, Alert, Nutanix AHV.
Entity Type	The entity on which the administrator performs the action. The values of this filter appear based on the resource type you select. For example, if you select File Server in the Resource Type list, the Entity Type list displays values corresponding to File Server, such as Content Rule, Backup Policy, Backup Set, and Server, respectively.
Action	The action performed by the administrator. The values of this filter appear based on the resource and entity types you select. For example, if you select File Servers in the Resource Type list and Content Rule in the Entity Type list, the Action list displays action values corresponding to the selection, such as Create, Update, and Delete.
Organization	The organization to which the entity belongs to. You can select All Organizations or your specific organization with which the entity is associated with. 📝 Note The Organization* column is displayed only if organization is enabled. For more information, see Enabling or Disabling Organizations.*
Triggered By	The administrator who performed the activity. You can select the specific administrator who performed the activity.
Duration	The window in which the activities were performed. The values include Last 24 hours, Last 7 days, Last 30 days, Last 3 months, Last 6 months, Last 1 year, Last 3 year, and Custom. If you select Custom from the list, Druva displays the From and To Calendar lists. Select the dates from these lists to specify the duration in which the activities were performed.

Use the Reset and Apply buttons to clear and apply the applied filters on the Filters box.

Actions

The following table lists the actions on the Admin Audit Trails page.

Action	Description
More options (Vertical three dots)	Export as HTML: Exports the list of administrator activities in HTML format. Export as CSV: Exports the list of administrator activities in CSV format.
View Details	Displays the action details of the selected activity as shown in the following screenshot: For the edit and upgrade actions, the Action Details page displays the previous and the new values of each parameter. The Action Details page displays the following fields: Administrator: The name of the administrator who performed the action. Time: The timestamp of the action performed by the administrator. Source IP: The IP address of the system on which the administrator performed the action. Organization: The name of the organization to which the entity is associated with. 📝 Note The organization related details are displayed only if organization is enabled. For more information, see Enabling or Disabling Organizations. Resource Type: The Druva resource associated with the entity. Entity Type: The type of the Druva entity on which the administrator performed the action. Entity Name: The name of the Druva entity on which the administrator performed the action. Action: The action performed by the administrator. For the edit and upgrade actions, the Action field displays the previous and the new values of each parameter. Quarantined files: List of all the quarantined files selected from search results. Deleted files: List of all the deleted files selected from search results. Reason for deletion: List the reason for deleting a backup set, backup mount, configured databases, or virtual machines.
Filter	Filters administrator activities on the Management Console based on the selection.