About Audit Logs

LogicMonitor Audit Logs provide insight into recent account activity, such as user logins and configuration changes made to resources in the account.  Each Audit Log entry lists the time of the event, the username, the IP address and the event description.  For example, you could use the Audit Logs to identify when a specific device property was changed, or who last updated the production dashboard widgets.

The duration of time for which Audit Log entries are saved is equivalent to the alert retention specified in your LogicMonitor package.

Note that it is common to see consecutive log in events with no log out - if the user does not explicitly log out, but simply lets the session go idle, then starts using LogicMonitor again (possibly from a different computer), a new log in event will be recorded.

From Settings | Audit Logs you can:

  1. filter Audit logs based on a time range
  2. search for Audit logs
  3. download the Audit logs for the last calendar month
  4. view the details for a particular log

Searching for Audit Logs

You can search for Audit logs two ways:

  1. using the search bar on the Settings | Audit Logs Page in your LogicMonitor account user interface (this searches the user and description fields for each Audit log)
  2. using LogicMonitor's API