1. Slack Help Center
  2. Workspace administration
  3. Slack data & analytics
    4. Audit logs on Enterprise Grid

Audit logs on Enterprise Grid

Audit logs provide a record of changes and usage on Enterprise Grid that help keep your org secure and protect against misuse. You can view audit logs right in Slack, export them as a CSV, and use the Audit Logs API to create custom monitoring tools. 

Tip: Learn more about your organization as a whole with analytics for Slack Enterprise Grid.


View audit logs in Slack

  1. From your desktop, click your workspace name in the top left.
  2. Select Settings & administration from the menu, then click Organization settings.
  3. From the left sidebar, select  Security, then click Audit Logs.
  4. Use the drop-down menus to filter the log entries by Acting user, Event, Affects, or Date range. You can review the filtered log entries below, or click Export CSV in the top-right corner to download them.

Tip: Org Primary Owners can allow Org Admins to access audit logs in Slack by assigning them the Audit Log Admin system role.


Use the Audit Logs API

We built the Audit Logs API for Enterprise Grid orgs with security, legal, and compliance in mind. Use the Audit Logs API to:

  • Send data to a security information and event management (SIEM) tool.
  • Watch for potential security issues or malicious attempts to access your org.
  • Build custom apps for better insight into how your company uses Slack. 

You can learn more about how to use the Audit Logs API or work with someone technical on your team to get started.  

Note: The availability of audit log data prior to upgrading to Enterprise Grid depends on your previous Slack plan. To learn more about audit logs, contact our Support team.  

 

Who can use this feature?
  • Org Owners, and Org Admins with the Audit Logs Admin system role
  • Available on the Enterprise Grid plan

Audit logs provide a record of changes and usage on Enterprise Grid that help keep your org secure and protect against misuse. You can view audit logs right in Slack, export them as a CSV, and use the Audit Logs API to create custom monitoring tools. 

Tip: Learn more about your organization as a whole with analytics for Slack Enterprise Grid.


View audit logs in Slack

  1. From your desktop, click your organization name in the sidebar.
  2. Hover over Tools & settings, then click Organization settings.
  3. From the left sidebar, select  Security, then click Audit Logs.
  4. Use the drop-down menus to filter the log entries by Acting user, Event, Affects, or Date range. You can review the filtered log entries below, or click Export CSV in the top-right corner to download them.

Tip: Org Primary Owners can allow Org Admins to access audit logs in Slack by assigning them the Audit Log Admin system role.


Use the Audit Logs API

We built the Audit Logs API for Enterprise Grid orgs with security, legal, and compliance in mind. Use the Audit Logs API to:

  • Send data to a security information and event management (SIEM) tool.
  • Watch for potential security issues or malicious attempts to access your org.
  • Build custom apps for better insight into how your company uses Slack. 

You can learn more about how to use the Audit Logs API or work with someone technical on your team to get started.  

Note: The availability of audit log data prior to upgrading to Enterprise Grid depends on your previous Slack plan. To learn more about audit logs, contact our Support team.  

 

Who can use this feature?
  • Org Owners, and Org Admins with the Audit Logs Admin system role
  • Available on the Enterprise Grid plan

Awesome!

Thanks so much for your feedback!

If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com.

Was this article helpful?Yes, thanks!Not really
Sorry about that! What did you find most unhelpful?
0/600
Submit article feedback

If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com.

Oops! We're having trouble. Please try again later!