Admins have the ability to view audit logs within Onna. The audit logs will show users’ actions such as adding/deleting sources, syncing errors, viewing documents, and sharing.
Steps to access audit logs
To access the Onna audit logs click on the main menu button located on the top left corner.

Navigate to the bottom of the admin panel and select audit logs.

On the audit log page, each column displayed can be sorted in ascending or descending order. A filter is available in the top right corner to narrow down the results.

Clicking on ‘Add a filter’ will open a drop-down that allows you to select various filters.

Action
The action filter will display the log for any action performed by a user within the Onna application or the sync status for the data source. Below is a list of actions available to select:
-
Access
-
Add
-
Create
-
Delete
-
Enable
-
Manage
-
Share
-
Sync
-
Update
-
View
Category
The filter will group together related codes into the below categories:
-
Custom field
-
File
-
Info
-
Login
-
Retention policy
-
Source
-
Workspace
Code
Displays the list of codes found in the audit logs. Below is a list of events that can be found in the Onna application logs:
Code |
Type |
Message |
AC001 |
Success |
Added credentials |
AC002 |
Success |
Added admin credentials |
AC003 |
Info |
Renewed credentials |
AC004 |
Info |
Renewed admin credentials |
AC005 |
Info |
Credentials shared: Granted access to user |
AC006 |
Success |
Credentials suspended |
AC007 |
Success |
Credentials shared: Revoked credentials to user |
AC008 |
Success |
Deleted credentials |
AC009 |
Success |
Deleted admin credentials |
CF001 |
Success |
Custom field created |
CF002 |
Success |
Custom field deleted |
CF003 |
Manage |
Custom field disabled |
CF004 |
Manage |
Custom field enabled |
CF005 |
Info |
Custom field edited in platform by Admin |
CF006 |
Success |
Custom field added to workspace |
CF007 |
Success |
Custom field removed from workspace |
CT001 |
Success |
Cloud transfer credentials added |
CT002 |
Success |
Cloud transfer credentials edited |
CT003 |
Info |
Cloud transfer credentials renewed |
CT007 |
Success |
Cloud transfer credentials deleted |
CT008 |
Info |
Cloud transfer added to export |
CT009 |
Info |
Cloud transfer loaded to host |
DS001 |
Success |
Added datasource |
DS002 |
Success |
Deleted datasource |
DS004 |
Info |
Permission change on datasource |
DS012 |
Error |
Sync failure |
DS015 |
Success |
Added datasource using shared credentials |
EX001 |
Success |
Export added to platform |
EX002 |
Success |
Export removed from platform |
EX003 |
Info |
Export downloaded |
FL001 |
Success |
File uploaded by user |
FL005 |
Info |
Permission change on file |
FL006 |
Info |
File downloaded |
FL013 |
Success |
File deleted by user |
FL014 |
Info |
User viewed a file |
FL015 |
Success |
File deleted due to Retention policy |
ID001 |
Success |
Added source to identity mapping |
ID002 |
Success |
Added source automatically to identity mapping |
ID007 |
Info |
Rename Identity-name |
ID008 |
Info |
Details of identity viewed |
ID009 |
Info |
Identity search for "search-term" |
ID010 |
Info |
Filter of search "#{{search-term}}" viewed |
ID012 |
Error |
Failed to sync source-type |
LG001 |
Login |
Logged in with user and password |
LG002 |
Login |
Failed to log in with user and password |
LG003 |
Success |
Logged out |
LG006 |
Login |
Logged in with two step verification |
LG009 |
Info |
Email sent to reset password |
LG010 |
Success |
Password updated |
LG012 |
Login |
Logged in with SSO |
LG017 |
Success |
SSO configuration deleted |
LG018 |
Success |
Issued temporary user |
RP001 |
Success |
Added retention policy |
RP002 |
Success |
Deleted retention policy |
RP003 |
Success |
Updated retention policy |
SA001 |
Success |
Smart action added |
SA002 |
Success |
Smart action removed |
SA003 |
Success |
Smart action triggered |
SA004 |
Success |
Smart action modified |
UA001 |
Success |
User invited to Onna |
UA002 |
Success |
User added to Onna through SSO |
WS001 |
Info |
Added workspace |
WS002 |
Info |
User deleted from workspace |
WS003 |
Info |
Workspace renamed |
WS004 |
Info |
User added to workspace |
WS005 |
Info |
Workspace viewed |
WS009 |
Info |
Workspace permission changed for user |
WP001 |
Success |
Added preservation |
WP002 |
Success |
Deleted preservation |
WP003 |
Info |
Preservation renamed |
WP004 |
Info |
Preservation shared |
WP005 |
Info |
Details of preservation viewed |
WP006 |
Error |
Failed to delete preservation |
WP008 |
Success |
Finished preservation |
WP009 |
Info |
Preservation viewed |
WP010 |
Info |
Preservation permission changed for user |
WP011 |
Info |
Preservation configuration changed |
Date
Users can select a date range that they would like to display for audit logs. To manually set a date range click 'Custom' & a calendar will pop up.


IP Address
A list of the users IP address that can be manually provided or selected from the dropdown
Time
When selecting the ‘time’ filter you can set the date by clicking on Today. Users can then select a time range that they would like to display audit logs.

Type
Audit log records can fall into the below types:
-
Error
-
Info
-
Success
User
A user name can be manually provided or selected from the dropdown list.
FAQ
How long are audit logs available?
Application audit logs are available for at least 180 days.