Audit logs provide a record of changes and usage on Enterprise Grid that help keep your org secure and protect against misuse. You can view audit logs directly in Slack, export them as a CSV and use the Audit logs API to create customised monitoring tools.
From your desktop, click on your workspace name in the top left.
Select Settings & administration from the menu, then click on Organisation settings.
From the left sidebar, select Security, then click on Audit logs.
Use the drop-down menus to filter the log entries by Acting user, Event, Affects or Date range. You can review the filtered log entries below, or click Export CSV in the top-right corner to download them.
Tip: Org primary owners can allow org admins to access audit logs in Slack by assigning them the Audit log admin system role.
Use the Audit Logs API
We built the Audit logs API for Enterprise Grid orgs with security, legal and compliance in mind. Use the Audit logs API to:
Send data to a security information and event management (SIEM) tool.
Watch out for potential security issues or malicious attempts to access your org.
Build custom apps for better insight into how your company uses Slack.
Note: The availability of audit log data prior to upgrading to Enterprise Grid depends on your previous Slack subscription. To learn more about audit logs, contact our Support team.
Who can use this feature?
Org owners, and Org admins with the Audit logs admin system role