The Tenant Auditor role enables you to view audit information for your tenant.
As a tenant auditor, you can use the Audit section of the Administration console to retrieve up to 30 or 90 days of logs, which depends on your edition.
You can filter the events listed to show events that occurred:
- Between two specific dates
- In the last hour
- In the last 2 hours
- In the last 24 hours
- In the last 72 hours
- In the last week
You can view these events for either your user activity or in Bring Your Own Key (BYOK), if your organization uses it.
You can also use the Audit API to obtain audit events.
Note: To access the Audit section in Administration and use the Audit API, your organization must be licensed to have Audit enabled in your tenant. You must also be assigned the Tenant Auditor role. Tenant auditors have no authorizations until Audit is enabled.
Tenant administrators can assign users the Tenant Auditor role.
Tenant Auditor policy
The table below displays the resources that a tenant auditor controls.
| Resource Type | CREATE | READ | UPDATE | DELETE |
| Workspace | ||||
| History | ||||
| Role | ||||
| Policy | ||||
| Role Membership | ||||
| Tenant | ||||
| User |
