Audit Logs
- Last UpdatedSep 19, 2023
- 1 minute read
Audit logs track and display all activity by users in the Jamf Protect web app. Audit logs are kept for one year and can be exported in CSV format. Each audit log entry includes the following information:
- Date—
When the activity occurred
- User—
Which user performed the activity
- Operation—
What activity occurred in the Jamf Protect web app
- Arguments—
Parameters provided for the activity
Note:Arguments that exceed 9 KB are not included in the audit log record.
- Errors—
Errors that occurred during the activity
- IP's—
IP addresses associated with the activity
- Resource ID—An identifier that represents a Jamf Protect resource that was created, modified, or deleted.
Complete the following to export audit logs from Jamf Protect:
Your audit logs are downloaded to your computer in CSV format.
Note:
You can import audit logs in your Security information and event management (SIEM) using the API and SIEM tools. For more information, see the following:
Jamf's open source usage example for list_audit_logs.py on GitHub.