Solved: Can you export the results of a search in the audi...

mshannon93 · ‎2023 Dec 01

For some reason my custom where clause in the audit log within administration does not pick up results so I am hoping I can export the full set of 90 days audit logs and manually analyse in excel. I'm using the following custom where clause - endpoint = 'accounts.login' and UID = '2775004'.

I know the UID = 2775004 exists in the results as I can see it but when I use that custom where it returns no results. I am hoping to search the audit log for a specific UID but unable to do so.

- Could anyone advise why my custom where clause isn't working?

- Is there a way to manually export the audit logs?

Oleh_Ilchyshyn1 · ‎2023 Dec 02

Hello mshannon93,

1) To make it work please use UID in lowercase -> uid.

2) There is no way to export results in .csv file as in the Identity Query Tool, but you can use audit.search REST API in Postman or Insomnia and just get the results to proceed with them manually.

Hope it helped.

ma_c · ‎2023 Dec 04

Hi Mark, you can also implement a Data Flow (IDX) to extract the logs. In addition, consider the log connector for (near) real-time replication of the logs. Thanks.

Can you export the results of a search in the audit log under administration?

Know the answer?

Need more details?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)