Understand the system audit log

The system audit log is the system administrator’s best way to keep an eye on what’s going on in Workfront. Think of the log as your source of truth for who made what changes and when.

Access the audit log by going to the Preferences section in the Setup area. By default, you see data from the last seven days. Change the filter criteria to see data from different date ranges.

When a user performs certain actions, Workfront records them in the Audit Logs section of the Setup area.

Log Type drop-down menu on the Audit Logs page in Setup

Each action recorded, or logged, shows:

  • The date and time of the change
  • The log type
  • The name of the user who completed the action
  • The object
  • Any details associated with the action
  • The IP address

Audit Log list

Export the audit log

Exporting the audit log data allows system administrators to share the information with internal/external auditors or security specialists. Some organizations require certain logs be retained for compliance with cybersecurity regulations. Others need the information imported into a security system for analysis.

Audit logs can be exported in a CSV (comma-separated value) file, which can be opened into a spreadsheet application or plain text editor. The export is limited to 50,000 rows at one time, so use the filters to narrow down the list if the total exceeds 50,000.

Export button on Audit Logs page