Legacy Audit Logs
How to access logs that were generated before the audit log update
Updated over a week ago

To ensure Verkada admins are able to access historical events and logs prior to June 10, 2021, the legacy logs will still be accessible and the data can be exported. It’s highly recommended that the historical logs are exported in case the log data is needed for future reference. Logs can be exported by navigating to the legacy view of the organization and camera audit logs.

Legacy Organization Audit Log

Organization audit logs track system access and tie each action to a user. The following actions can be monitored in the legacy organization audit logs:

  • User logins

  • User management

  • Organization, site, and group creation

  • Moving cameras between sites

Accessing Legacy Organization Audit Logs

Users with Org Admin permissions can access organization audit Logs by following the steps below:

  1. Select Admin from the All Products menu in the top left-hand corner

  2. Select Privacy & Security

  3. Select Audit Log

  4. In the top right-hand corner select Legacy View

  5. Admins can view the audit log on screen or download as CSV to create custom reports.

Legacy Organization Audit Log Events

This section explores different events tracked in the organization audit log. Each event contains the following information:

  • Timestamp of when the action took place (displayed in your local timezone)

  • IP address of the user who performed the action

  • Username of user who performed the action

  • Email address of the user who performed the action

  • Action taken

User logins

  • User attempted login: Displays login success or failure, with reason.

  • User attempted logout: Displays logout success or logout failure, with reason.

User management

  • User created: New user created within the Organization

  • User added: New user created within the Organization

  • User removed from organization: User removed by an Organization Admin

  • User invited: User invited by an Organization Admin

  • User invitation resent: User invitation resent by Organization Admin

  • Grant user permission: Organization Admin granted a user permission to access a camera Group

  • Revoke user permission: Organization Admin revoked a user permission to access a camera group

  • User permissions change: Organization Admin changed a user's permissions, such as by making the user a Site Viewer

  • Organization audit log accessed: Audit log was accessed by a user

Organization, Site, and Group creation

  • Organization created: New Organization created in Command

  • Organization deleted: Organization deleted in Command

  • Organization modified: Organization renamed in Command

  • Camera group created: Site or Nested Site created by Organization Admin

  • Camera group renamed: Site or Nested Site renamed by Organization Admin

  • Camera group deleted: Site or Nested Site deleted by Organization Admin

Camera moves

  • Added camera to group: User added a camera to a group in the Organization

  • Removed camera from group: User removed a camera from a group in the Organization

Legacy Camera Audit Logs

Events Only in Legacy Camera Audit Logs

Below are the events that can only be accessed in the Legacy audit logs.

  • Camera initialized: Camera is connected for the first time

  • Connectivity change: Camera lost connection or regained connection to the Internet

  • Motion detection: Camera detected motion in the region of interest

  • Camera rebooted: Camera rebooted (non-user initiated)

  • Tampering detected: Camera detected a tampering event

  • Firmware upgrade: Camera upgraded its firmware

  • Live video shared: User created a shareable link

  • Live video viewed: Live stream viewed from share

  • Live video viewed: User viewed a live stream

  • Live video requested: User initialized a live stream

Legacy Per Camera Audit Logs

Per camera audit logs track user actions and individual camera events. The following steps show how to access the legacy audit logs:

  1. Select a camera

  2. Select Settings

  3. Under General select the > next to Audit Log

  4. In the top right-hand corner select Legacy View

  5. Admins can view the audit log on screen or download as CSV to create custom reports.

Legacy Per Camera Audit Log Events

This section explores different events tracked in the per camera audit log. Each event contains the following information:

  • Timestamp of when the action took place

  • IP address of the user or device that performed the action

  • Username, phone number, or device that performed the action

  • Action taken

User actions

  • Archive downloaded: User downloaded an archive

  • Camera audit log accessed: User accessed the audit log

  • Fisheye mode changed: User changed mode to Panoramic or 4-way split

  • Camera name changed: User renamed camera

  • Camera rebooted: User rebooted camera

  • Rotation changed: User changed camera orientation

  • Codec changed: User changed codec (Verkada Support only)

  • Focus changed: User adjusted focus

  • Privacy mode changed: User changed Privacy to High or Extreme (Verkada Engineering only)

  • Footage archived: User archived footage

  • Timelapse requested: User accessed a timelapse

  • Archived video deleted: User deleted an archive

  • Footage archived: User created an archive

  • Video archiving stopped: Archive completed

  • Video history viewed: User viewed history

  • Video history request: User accessed historical footage

  • Shared history video requested: Historical footage accessed from a share

  • Shared history video watched: Historical footage viewed from a share

  • Live video shared: User created a shareable link

  • Live video viewed: Live stream viewed from share

  • Live video viewed: User viewed a live stream

  • Live video requested: User initialized a live stream

Camera events

  • Camera initialized: Camera is connected for the first time

  • Connectivity change: Camera lost connection or regained connection to the Internet

  • Motion detection: Camera detected motion in the region of interest

  • Camera rebooted: Camera rebooted (non-user initiated)

  • Camera config changed: Camara configuration changed

  • Tampering detected: Camera detected a tampering event

  • Firmware upgrade: Camera upgraded its firmware

Did this answer your question?