- Experience Platform overview
- Experience Platform overview (Video)
- Multi-cloud overview
- Edge Network and hub comparison
- Experience Platform tutorials
- A customer experience powered by Experience Platform (Video)
- Behind the scenes of a customer experience powered by Experience Platform (Video)
- Getting started
- Experience Platform UI
- Experience Platform APIs
- Experience Platform documentation
- Applications built on Experience Platform
- Governance, privacy, and security
- License usage and guardrails
- Troubleshooting guide
- Gen2 data lake migration
- Glossary
- Release notes
Audit logs
In order to increase the transparency and visibility of activities performed in the system, Adobe Experience Platform allows you to audit user activity for various services and capabilities in the form of “audit logs”. These logs form an audit trail that can help with troubleshooting issues on Experience Platform, and help your business effectively comply with corporate data stewardship policies and regulatory requirements.
In a basic sense, an audit log tells who performed what action, and when. Each action recorded in a log contains metadata that indicates the action type, date and time, the email ID of the user who performed the action, and additional attributes relevant to the action type.
The metadata for the actions Add user and Remove user within the Role resource will not contain the email ID of the user who performed the action. Instead, the logs will display the system generated email ID (system@adobe.com).
This document covers audit logs in Experience Platform, including how to view and manage them in UI or API.
Event types captured by audit logs
The following table outlines which actions on which resources are recorded by audit logs:
| Resource | Actions |
|---|---|
| Access control policy (attribute based access control) |
|
| Account (Adobe) |
|
| Attribution AI instance |
|
| Audit logs |
|
| Class |
|
| Computed attribute |
|
| Customer AI instance |
|
| Dataset |
|
| Datastream |
|
| Data types |
|
| Destination |
|
| Field group |
|
| Identity graph |
|
| Identity namespace |
|
| Merge policy |
|
| Product profile |
|
| Query |
|
| Query template |
|
| Role (attribute based access control) |
|
| Sandbox |
|
| Scheduled query |
|
| Schema |
|
| Segment |
|
| Source data flow |
|
| Work order |
|
Access to audit logs
When the feature is enabled for your organization, audit logs are automatically collected as activity occurs. You do not need to manually enable log collection.
In order to view and export audit logs, you must have the View User Activity Log access control permission granted (found under the Data Governance category). To learn how to manage individual permissions for Experience Platform features, please refer to the access control documentation.
Managing audit logs in the UI
You can view audit logs for different Experience Platform features within the Audits workspace in the Experience Platform UI. The workspace shows a list of recorded logs, by default sorted from most recent to least recent.
Audit logs are retained for 365 days after which they will be deleted from the system. If you require data of more than 365 days, you should export logs at a regular cadence to meet your internal policy requirements.
Your method of requesting audit logs changes the allowable time period and the number of records you will have access to. Exporting logs allows you to go back 365 days (in 90 day intervals) to a maximum of 10,000 records, where as the activity log UI in Experience Platform displays the past 90 days to a maximum of 1000 records.
Select an event from the list to view its details in the right rail.
Filter audit logs
Select the funnel icon (
) to display a list of filter controls to help narrow results.
The Experience Platform UI only displays the past 90 days up a maximum of 1000 records, regardless of the applied filters. If you need logs past that (to a maximum of 365 days), you’ll need to export your audit logs.
The following filters are available for audit events in the UI:
| Filter | Description |
|---|---|
| Category | Use the dropdown menu to filter displayed results by category. |
| Action | Filter by action. The actions available for each service can be seen in the resource table above. |
| User | Enter the complete user ID (for example, johndoe@acme.com) to filter by user. |
| Status | Filter by whether the action was allowed (completed) or denied due to lack of access control permissions. |
| Date | Select a start date and/or an end date to define a date range to filter results by. Data can be exported with a 90-day lookback period (for example, 2021-12-15 to 2022-03-15). This can differ by event type. |
To remove a filter, select the “X” on the pill icon for the filter in question, or select Clear all to remove all filters.
The returned audit log data contains the following information on all queries that meet your chosen filter criteria.
| Column name | Description |
|---|---|
| Timestamp | The exact date and time of the action performed in a month/day/year hour:minute AM/PM format. |
| Asset Name | The value for the Asset Name field depends on the category chosen as a filter. |
| Category | This field matches the category selected in the filter dropdown. |
| Action | The available actions depend on the category chosen as a filter. |
| User | This field provides the user ID that executed the query. |
Export audit logs
To export the current list of audit logs, select Download log.
Logs can be requested in 90 day intervals up to 365 days in the past. However, the maximum amount of logs that can be returned during a single export is 10,000.
In the dialog that appears, select your preferred format (either CSV or JSON), then select Download. The browser downloads the generated file and saves it to your machine.
Enable alerts
You can enable audit alerts to receive notifications for the following rules:
- Audience create
- Audience update
- Audience delete
- Dataset create
- Dataset update
- Dataset delete
- Schema create
- Schema update
- Schema delete
Select the desired alert from the list to subscribe to receive notifications. For more information on alerts, see the guide on subscribing to alerts using the UI.
Managing audit logs in the API
All actions that you can perform in the UI can also be done using API calls. See the API reference document for more information.
Managing audit logs for Adobe Admin Console
To learn how to manage audit logs for activities in Adobe Admin Console, refer to the following document.
Next steps and additional resources
This guide covered how to manage audit logs in Experience Platform. For more information on how to monitor Experience Platform activities, see the documentation on Observability Insights and monitoring data ingestion.
To reinforce your understanding of audit logs in Experience Platform, watch the following video:
