See Audit Logs
The Audit Logs page in WatchGuard Cloud, displays an account-wide view of the audit logs for users in your account. Audit logs provide a historical record of all administrator logins and changes made in WatchGuard Cloud or its services. For authentication events, the Audit Log Detail window shows details about the authentication attempt.
WatchGuard Cloud generates audit logs for events that occur in both cloud infrastructure and cloud services. Audit logs are always generated when users log in or log out and when administrators change settings. Audit logs can also be generated when an administrator views a page in WatchGuard Cloud.
Audit logs are system-generated. There is no way to add, modify, or delete audit logs outside of the audit log retention period. Any changes to audit log settings also generate an audit log.
The WatchGuard Cloud Audit Log message retention policy allows a maximum retention period of 12 months. Application log messages, such as those generated for Firebox and Access Points, as well as Endpoint Security and AuthPoint events, maintain their own data retention periods.
Audit logs are stored with GMT timestamps, but times are always shown in your local time (as determined by your browser).
Open the Audit Log Details
The Audit Logs page shows you a list of audit log messages. You can select a log message to show the Audit Log Detail dialog box and see more details for that log message.
Only fields with data are displayed in the Audit Log Detail dialog box.
Click and select a date range to only show audit logs from that specific period of time. The default date range is Today, and the current selected date range is always displayed adjacent to the calendar icon.
Export Audit Logs
Click to export audit log messages to a comma separated value (CSV) file. When you export audit logs, the log messages from the selected date range are saved to a CSV file. The CSV file downloads in a compressed ZIP file to the default download location for your browser.