Admin Actions Report
Twingate allows customers to view and export admin action activity on their account. This can be useful for troubleshooting or investigatory purposes. The activity exported includes create, delete, edit, and connect events for the following objects:
- Connector
- Device
- Group
- Public API Key
- Remote Network
- Resource
- Service Account & Service Account Key
- User
This report can be manually exported via the Admin console as a JSON file.
Exporting Admin Actions Report
To create an export:
1. Navigate to the Reports page under Settings
2. Click Generate Admin Actions Report to generate a new report
3. Select the time range and the category you want to export.
The time range will use your local timezone, even though the export itself will have timestamps in UTC.
4. The export will complete in the background and email you when it’s ready.
Most exports will only take a few minutes, though very large ones could take a few hours.
5. Go back to the Reports page to download completed reports.
How to view the export
Exports are created in GZIP format. You can use most free compression tools to decompress. After decompression,
we recommend you rename the file by adding .csv to the filename, which will make it easier to open in a spreadsheet
editor.
If you are using Safari and the file appears to be empty, we recommend Safari’s automatic unpack feature. To do this, navigate to Safari > Preferences > General and uncheck the “Open ‘Safe’ files after downloading” option.
Twingate exports admin actions in JSON format. Each admin action is represented as a single line, and represents:
- When the event happened
- The actor of the event
- What action happened
- The final state (including the before state if applicable)
Details of the event columns are below:
time: the beginning of the network communicationactor: the user making the changeaction: the type of event (create, delete, edit, or add / remove relation)target: object impacted (e.g. user, group, Remote Network)
Last updated 2 hours ago