Workspace administration Want to learn more about setting up your team? Look no further!
Next Previous
actions,activity,access logs,accessibility,add,add an app,add members,add to Slack,administrators,all passwords,analytics,Android,announcement,announcements,App Directory,app icon,Apple Watch,approving apps,archive,Asana,Atlassian,automation apps,badge,payment details,billing,Bitbucket,bot user,box,browse,calls,Calls:,cancel,changes,channels,channel instantly,channel management,channel notification,channel suggestions,claim domains,close,company culture,compliance exports,compose,computers,conversations,convert,connect,connected accounts,connection,connecting,copy messages,create,customisation,customise,custom SAML,custom,customer support teams,data exports,data security,deactivate,default channels,delete,deletion,deploy Slack,desktop,direct messages,directory,disable,discover and join,Discovery API,display name,DMs,do not disturb,domain,domains,downgrade,Dropbox,duplicate accounts,edit,editing,education,email address,email,emoji,emoticons,Enterprise Grid,enterprise mobility management,executives,export,failed payments,fair billing,FAQs,finding,format,formatting,framework for apps,free trials,general,getting started,GIPHY,GitHub integration,GitHub organisation,GitHub,glossary,Google Apps,Google Calendar,Google Drive,guests,highlights,HipChat,human resources,IFTTT,import,incoming webhooks,integrations,iOS,invite,IT teams,Jira,join,keep up,keyboard layout,keyboard shortcuts,Keychain Access,keyword notifications,language,languages,leave,link previews,loading,limits,links,Linux,Mac,manage a workspace,manage apps,manage members,marketing,mention,merge,message actions,messages are displayed,message display,Microsoft products,mobile,mobile push,move channels,moving workspaces,multiple,mute,name,names,noise,not-for-profit organisation,notify,OneDrive,onboard,owners,password,payment,payments,permissions,phones,pin,subscription,subscriptions,Plus subscription,polls,primary ownership,privacy policies,prioritise tasks,private,private channel,private notes and files,project management,public channel,purpose,Quick Switcher,quote,reactivate,read,recruitment,referrer information,reminder,remove,rename,retention,request a new workspace,role,roles,RSS,sales,Salesforce,SAML,SCIM,SCIM provisioning,screen reader,search,send,session duration,share messages,share,shared channel,shared channels,sidebar,sign in,sign out,sign-up mode,single sign-on,Slack Day,Slack for Teams,Slack notifications,save notes and files,service level agreements,ServiceNow,sign up,Slack status,Slackbot,slash commands,snippet,snooze,software developers,star,statistics,Stride,sync,tablets,tax,threads,time zone,tips,to-do lists,topic,triage channels,terms of service,Trello,troubleshoot,trouble receiving,tour,Twitter,two-factor authentication,unread messages,updates,upgrade,upload,username,user groups,URL,holiday,vendor and remittance,video,voice call,voice,what is,what’s important,whitelisting,Windows Phone,Windows,working in,workspace apps,workspace creation requests,workspace discovery,workspace settings,Wunderlist,your actions,Zapier,zoom,features,#general,file storage,posts,dark mode,theme,Workflow Builder,voice,video,screen sharing,workflows,Outlook Calendar,invited members,transfer ownership,whitelist,enterprise key management,transport layer security,strong customer authentication,CSV,text file,working hours,
Search for “[term]” See [n]+ more results →
Audit logs in Enterprise Grid Audit logs provide a record of changes and usage on Enterprise Grid that help keep your org secure and protect against misuse. You can view audit logs directly in Slack, export them as a CSV and use the Audit logs API to create customised monitoring tools.
Tip: Learn more about your organisation as a whole with analytics for Slack Enterprise Grid .
From your desktop, click on your workspace name in the top left.
Select Settings & administration from the menu, then click on Organisation settings .
From the left sidebar, select Security , then click on Audit logs .
Use the drop-down menus to filter the log entries by Acting user , Event , Affects , or Date range . You can review the filtered log entries below, or click Export CSV in the top-right corner to download them.
Tip: Org primary owners can allow org admins to access audit logs in Slack by assigning them the Audit log admin system role .
We built the Audit logs API for Enterprise Grid orgs with security, legal and compliance in mind. Use the Audit logs API to:
Send data to a security information and event management (SIEM) tool.
Watch out for potential security issues or malicious attempts to access your org.
Build custom apps for better insight into how your company uses Slack.
You can learn more about how to use the Audit logs API or work with someone technical on your team to get started.
Note: Audit logs show data dating back to mid-March 2018, when this API method became available to workspaces.
Who can use this feature?
Org owners , and Org admins with the Audit logs admin
Available on the Enterprise Grid subscription
Thanks a lot for your feedback!
If you’d like a member of our support team to respond to you, please send a message to feedback@slack.com .
If you’d like a member of our support team to respond to you, please send a message to feedback@slack.com .
If you’d like a member of our support team to respond to you, please send a message to feedback@slack.com .
