⏱ 3.5 min read
Audit Log Reports provide insights into your Wrike account. Use Audit Reports to help your team conduct security investigations or to increase visibility into what is happening in the account. You can generate reports to see
- The last time a user or users logged in or failed to log in.
- When invitations were sent and accepted.
- What changes have been made to User Groups.
- And more.
Please note, these Reports include all items within the account, not just the items shared with you. This means that it's possible to see events, even for those items you don't have access to in your workspace.
Report parameters dictate what information is included in your report. Keep reading to learn more about each of the available parameters and how they affect your report.
Leave the User’s field blank to: run a report based on the actions of all users who are part of the account. Add a specific user(s) or user groups to the field to limit the scope of the report: if one or more users is included in this field, then only their actions are included on the report.
The date range field allows you to specify what timeframe the report should be generated for.
Each operation (action) on the report is time stamped so that you know when the action took place. Time stamps are displayed in: 1) the time zone designated in the Time Zone field and 2) in UTC time.
Operations are the actions that you want to report on. Available operations include
- User Groups: created, deleted, member added, member removed, renamed, group made a subgroup, subgroup made a parent group.
- User login: login, logout, admin login as another user, login failed (check this to see failed logins and blocked logins which occur if someone makes 5 unsuccessful login attempts).
- User role changes: user promoted to admin, user demoted from admin, admin permission changes, user role changed.
- Tasks, Folders, and Projects: shared, unshared, assigned, unassigned, deleted, erased from Recycle Bin, Folder or parent task added, Folder or parent task removed, task status changed, Task, Folder, or Project is duplicated, saved as a Blueprint, or launched from a Blueprint.
- User accounts: invitation accepted, invitation sent, user deleted, user restored, user activated, user deactivated, profile changed, password changed.
- Custom Fields: created, modified, deleted, added to Folder, removed from Folder.
- Security: account settings modified (account name, date format, etc), activity report generated, 2 factor authentication (2FA) enabled/disabled, 2FA stats downloaded, backup created, access granted or revoked for apps Wrike works with, password policy modified, approved IP addresses added/removed, account invitation settings modified, Access Role modified, Access Role created, Access Role deleted.
- Data Export/External Sharing: RSS or iCal feed created, Project/Folder exported to Excel, Calendars External links activated, Calendars External links deactivated, Calendar External link created, Calendar External link deleted, Gantt Chart Snapshot created, Gantt Chart Snapshot deleted, Guest reviewer invited*, Guest reviewer's access revoked*, Guest reviewer accepted invitation*, Guest reviewer rejected invitation*, Guest reviewer's settings changed.
- Approvals: approval created, approver added, approver removed, description changed, due date changed, approval finished, approval decision made, approval canceled.
Objects are what you want to report on. By default, your report includes information on any object (user, group) where the designated operation was carried out. To limit the report to particular items, add the specific item name or names to the Objects field. If one or more objects is listed, then only those items are included on the report. Searches on files should include the file name and extension (for example, File.docx).
To enter information in this field: just enter the object’s name. For example, you can type a User Group’s name in the field. If multiple items have the same name/title, then you will see the data related to all objects which match that name.
By default: any IP address that was used to access Wrike is included on the report. However, you can limit the report to particular IP addresses.
- Select “Include” and list specific IP addresses: generates a report based solely on the addresses listed in the field.
- Select “Exclude” and list specific IP addresses: generates a report based on all IP addresses except those listed in the IP Addresses field.
Specifies the format of your downloadable report. You can choose to have the report in a CSV or Excel file.
- Click on your profile image in the Workspace's upper right-hand corner. 1
- Select “Account Management”. 2
- Click on the “Activity Reports” tab. 3
- Use the available parameters to specify what information should be included on the report.
- Click “Create report”.
A report, in the file format you specified and with data based on the parameters you selected, is downloaded to your computer.