Trang bạn đã yêu cầu hiện không có sẵn bằng ngôn ngữ của bạn. Bạn có thể chọn ngôn ngữ khác ở cuối trang hoặc dịch nhanh mọi trang web sang ngôn ngữ mà bạn chọn bằng cách sử dụng tính năng dịch được tích hợp sẵn trong Google Chrome.

Admin auditing for the security center

Supported editions for this feature: Frontline Standard; Enterprise Standard and Enterprise Plus; Education Standard and Education Plus; Enterprise Essentials Plus. Compare your edition

Many security center tasks are recorded though the Admin log event data source in the security investigation tool. This log data enables you to track the history of tasks performed in your Google Admin console, including which administrator performed the tasks. 

For example, as a super admin, you might want to view what a delegated admin has done with drill-downs on the security center dashboard. You can go to Admin log events data and search for the admin's name. Using the results of this search, you can see which charts the admin has generated, and which filters were used on those charts.

Audit logs are always written; you can't configure, exclude, or disable the events.

Parameters for audit log events include the admin's name, the chart's name, and the range of dates queried. A new log event is created each time a user adds or removes a filter. If multiple filters are present, they are listed in a comma-delineated format.

For more details and instructions, go to Admin log events.

Note: Admin activity on the security health page isn't audited. However, actions resulting from the information on the security health page are audited in that specific setting’s existing audit logs.

Log event data for the security center dashboard

In Admin log event data, you can find details about these security center dashboard events:

  • Security Chart Drill-downWhen an admin drills down on charts in the dashboard
  • Security Chart ExportWhen an admin exports a chart in the dashboard
  • Security Chart Drill-down ExportWhen an admin exports the drill-downs on charts in the dashboard

Log event data for the security investigation tool

Supported editions for this feature: Frontline Standard; Enterprise Standard and Enterprise Plus; Education Standard and Education Plus; Enterprise Essentials Plus; Cloud Identity Premium. Compare your edition

In Admin log event data, you can find details about these events in the investigation tool:

  • Query performed
  • Action performed
  • Action completed
  • Action cancelled

You can find details about these events when reviewers are requested for bulk actions:

  • Action confirmed
  • Action rejected
  • Action verification requested
  • Action verification request expires

Thông tin này có hữu ích không?

Chúng tôi có thể cải thiện trang này bằng cách nào?
Search
Clear search
Close search
Main menu
6907348039360692430
true
Tìm kiếm trong Trung tâm trợ giúp
true
true
true
true
true
73010
false
false