Contact Support

Legacy Audit Logs

Learn how to access logs that were generated before the audit log update

Recommendation. To ensure Verkada admins are able to access historical events and logs prior to June 10, 2021, the legacy logs are still accessible and the data can be exported. We highly recommended that the historical logs are exported in case the log data is needed for future reference. You can export logs by navigating to the legacy view of the organization and camera audit logs.

Legacy org audit logs

Organization (org) audit logs track system access and tie each action to a user.

Events are tracked in the org audit log, where each action contains the following information:

  • Timestamp of when the action took place (displayed in your local timezone)

  • IP address of the user who performed the action

  • Username of user who performed the action

  • Email address of the user who performed the action

  • Action taken

Access legacy org audit logs

You need Org Admin permissions to access audit logs.

1

In Verkada Command, go to All Products > Admin.

2

In the left navigation, select Security & Logs.

3

Click Audit Log.

4

At the top right, click Legacy View.

Admins can view the audit log on screen or download as a comma-separated value (CSV) file to create custom reports.

Monitor legacy org audit log events

You can monitor these events in the legacy org audit logs:

User logins

  • User attempted login: Displays login success or failure, with reason.

  • User attempted logout: Displays logout success or logout failure, with reason.

User management

  • User created: New user created within the org

  • User added: New user created within the org

  • User removed from organization: User removed by an Org Admin

  • User invited: User invited by an Org Admin

  • User invitation resent: User invitation resent by Org Admin

  • Grant user permission: Org Admin granted a user permission to access a camera group

  • Revoke user permission: Org Admin revoked a user permission to access a camera group

  • User permissions change: Org Admin changed a user’s permissions, such as by making the user a Site Viewer

  • Organization audit log accessed: Audit log was accessed by a user

Org, site, and group creation

  • Organization created: New Org created in Verkada Command

  • Organization deleted: Org deleted in Command

  • Organization modified: Org renamed in Command

  • Camera group created: Site or Nested Site created by Org Admin

  • Camera group renamed: Site or Nested Site renamed by Org Admin

  • Camera group deleted: Site or Nested Site deleted by Org Admin

Camera moves

  • Added camera to group: User added a camera to a group in the Org

  • Removed camera from group: User removed a camera from a group in the Org

Legacy camera audit logs

Access legacy per-camera audit logs

Per-camera audit logs track user actions and individual camera events.

1

In Verkada Command, go to All Products > Cameras.

2

Select a camera and click the Settings icon.

3

Under General, next to Audit Log, select the right (>) arrow.

4

In the top right corner, select Legacy View.

Admins can view the audit log on screen or download as a CSV file to create custom reports.

Access events only in legacy camera audit logs

These are the events that you can only access in the legacy audit logs:

  • Camera initialized: Camera is connected for the first time

  • Connectivity change: Camera lost connection or regained connection to the Internet

  • Motion detection: Camera detected motion in the region of interest

  • Camera rebooted: Camera rebooted (non-user initiated)

  • Tampering detected: Camera detected a tampering event

  • Firmware upgrade: Camera upgraded its firmware

  • Live video shared: User created a shareable link

  • Live video viewed: Live stream viewed from share

  • Live video viewed: User viewed a live stream

  • Live video requested: User initialized a live stream

Legacy per-camera audit log events

This section explores different events tracked in the per-camera audit log. Each event contains the following information:

  • Timestamp of when the action took place

  • IP address of the user or device that performed the action

  • Username, phone number, or device that performed the action

  • Action taken

User actions

  • Archive downloaded: User downloaded an archive

  • Camera audit log accessed: User accessed the audit log

  • Fisheye mode changed: User changed mode to Panoramic or 4-way split

  • Camera name changed: User renamed camera

  • Camera rebooted: User rebooted camera

  • Rotation changed: User changed camera orientation

  • Codec changed: User changed codec (Verkada Support only)

  • Focus changed: User adjusted focus

  • Privacy mode changed: User changed Privacy to High or Extreme (Verkada Engineering only)

  • Footage archived: User archived footage

  • Timelapse requested: User accessed a timelapse

  • Archived video deleted: User deleted an archive

  • Footage archived: User created an archive

  • Video archiving stopped: Archive completed

  • Video history viewed: User viewed history

  • Video history request: User accessed historical footage

  • Shared history video requested: Historical footage accessed from a share

  • Shared history video watched: Historical footage viewed from a share

  • Live video shared: User created a shareable link

  • Live video viewed: Live stream viewed from share

  • Live video viewed: User viewed a live stream

  • Live video requested: User initialized a live stream

Camera events

  • Camera initialized: Camera is connected for the first time

  • Connectivity change: Camera lost connection or regained connection to the Internet

  • Motion detection: Camera detected motion in the region of interest

  • Camera rebooted: Camera rebooted (non-user initiated)

  • Camera config changed: Camara configuration changed

  • Tampering detected: Camera detected a tampering event

  • Firmware upgrade: Camera upgraded its firmware

Need more help? Contact Verkada Support.

Last updated

Was this helpful?