Group 65Go to Verkada
All Collections
Verkada Command
Organization Wide Settings
Accessing Audit Logs

Accessing Audit Logs

Access and view Audit Logs per camera or organization to keep track of what's happening in your organization
Ethan Cuttler avatar
Written by Ethan Cuttler
Updated over a week ago

Verkada logs all user and camera activities in the Command Platform. Audit Logs are maintained at two different levels - organization-wide and per camera. 

Organization Audit Logs

Organization Audit Logs track system access and tie each action to a user. The following actions can be monitored in the Organization Audit Logs:

Accessing Organization Audit Logs

Users with Org Admin permissions can access Organization Audit Logs by following the steps below:

  1. Select your name on the top left of the page.
  2. Select Settings
  3. Scroll all the way down to find Organization Audit Log

Organization Audit Log Events

This section explores different events tracked in the Organization Audit Log. Each event contains the following information:

  • Timestamp of when the action took place (displayed in your local timezone)
  • IP address of the user who performed the action
  • Username of user who performed the action
  • Action taken

User logins

  • User attempted login: Displays username and status as well as login success or failure, with reason. 
  • User attempted logout:  Displays username and status as well as logout success or logout fail, with reason

User management

  • User created: New user created within the Organization
  • User added: New user created within the Organization
  • User removed from organization: User removed by an Organization Admin
  • User invited: User invited by an Organization Admin
  • User invitation resent: User invitation resent by Organization Admin
  • Grant user permission: Organization Admin granted a user permission to access a camera Group
  • Revoke user permission: Organization Admin revoked a user permission to access a camera Group
  • User permissions change: Organization Admin changed a user's permissions, such as by making the user a Site Viewer
  • Organization audit log accessed: Audit log was accessed by a user

Organization, Site and Group creation

  • Organization created: New Organization created in Command
  • Organization deleted: Organization deleted in Command
  • Organization modified: Organization renamed in Command
  • Camera group created: Site or Nested Site created by Organization Admin
  • Camera group renamed: Site or Nested Site renamed by Organization Admin
  • Camera group deleted: Site or Nested Site deleted by Organization Admin

Camera moves

  • Added camera to group: User added a camera to a group in the Organization
  • Removed camera from group: User removed a camera from a group in the Organization

Per Camera Audit Logs

Per Camera Audit Logs track user actions and events related to individual cameras. The following events can be monitored in the Per Camera Audit Logs:

  • User actions
  • Camera events

Accessing Per Camera Audit Logs

Users with Admin permissions to the site or group where the camera resides can access Per Camera Audit Logs by following the steps below:

  1. Select a camera
  2. Navigate to Info → Settings → Audit Log
  3. Admins can view the Audit Log on screen or download as CSV to create custom reports. 

Per Camera Audit Log Events

This section explores different events tracked in the Per Camera Audit Log. Each event contains the following information:

  • Timestamp of when the action took place
  • IP address of the user or device that performed the action
  • Username, phone number, or device that performed the action
  • Action taken

User actions

  • Archive downloaded: User downloaded an archive
  • Camera audit log accessed: User accessed the audit log
  • Fisheye mode changed: User changed mode to Panoramic or 4-way split
  • Camera name changed: User renamed camera
  • Camera rebooted: User rebooted camera
  • Rotation changed: User changed camera orientation
  • Codec changed: User changed codec (Verkada Support only)
  • Focus changed: User adjusted focus
  • Privacy mode changed: User changed Privacy to High or Extreme (Verkada Engineering only)
  • Footage archived: User archived footage
  • Timelapse requested: User accessed a timelapse 
  • Archived video deleted: User deleted an archive
  • Footage archived: User created an archive
  • Video archiving stopped: Archive completed
  • Video history viewed: User viewed history
  • Video history request: User accessed historical footage
  • Shared history video requested: Historical footage accessed from a share
  • Shared history video watched: Historical footage viewed from a share
  • Live video shared: User created a share 
  • Live video viewed: Live stream viewed from share
  • Live video viewed: User viewed a live stream
  • Live video requested: User initialized a live stream  

Camera events

  • Camera initialized: Camera is connected for the first time
  • Connectivity change: Camera lost connection or regained connection to the Internet
  • Motion detection: Camera detected motion in the region of interest
  • Camera rebooted: Camera rebooted (non-user initiated)
  • Camera config changed: Camara configuration changed
  • Tampering detected: Camera detected a tampering event
  • Firmware upgrade: Camera upgraded its firmware
  • Occlusion: Camera was occluded
Did this answer your question?