Skip to main content

Audit Logs

Administrator

DataCentral provides comprehensive audit logging to help Tenant and Host Administrators monitor user activity, track configuration changes, and maintain security compliance.

1. What is Logged?

The DataCentral audit log captures a wide range of events across the platform.

User Activity

  • Logins and Logouts: Successful and failed authentication attempts, including the login method used (Entra ID, User Pass, etc.).
  • Report Views: When a user opens a report, the specific report ID and timestamp are recorded.
  • Exports: When a user exports data from a visual or a full report page to PDF/Excel.

Administrative Actions

  • User Management: Creating, updating, or deleting users, as well as assigning or revoking roles.
  • Role and OU Changes: Modifications to Role definitions, RLS rules, or Organizational Unit structures.
  • Configuration Changes: Updates to Tenant settings, branding, or authentication configurations.
  • Item Management: Adding, syncing, or removing Power BI Workspaces and reports.
  • Key and Link Generation: Creating or revoking Report Keys and Secure Links.

System Events

  • Entra ID Sync: Results of automated group membership synchronization from Microsoft Graph.
  • Task Execution: Records of Action Tasks and DAX Query Tasks being triggered, including success/failure status and payload details.

2. Viewing the Audit Log

Tenant Administrators can view the audit log for their specific Tenant.

  1. Navigate to Administration > Audit Logs.
  2. The log displays events in reverse chronological order.
  3. You can filter the log by:
    • Date Range: Select a specific start and end date.
    • User: Filter by the email address of the user who performed the action.
    • Event Type: Filter by specific categories (e.g., "Login", "Role Updated", "Report Export").
    • Resource ID: Search for events related to a specific report or setting.

3. Exporting the Audit Log

For compliance reporting or deeper analysis, you can export the audit log data.

  1. In the Audit Logs view, apply any necessary filters.
  2. Click the Export to CSV button.
  3. A file containing the filtered log entries will be downloaded to your local machine.

4. Data Retention

Audit log data is retained according to your DataCentral Edition and deployment model.

  • Standard Retention: Most Tenants retain audit logs for 90 days.
  • Extended Retention: Enterprise Editions or Tenants with dedicated databases may configure longer retention periods (e.g., 1 year or indefinitely).
  • Archiving: For long-term compliance, we recommend periodically exporting the audit log to CSV and storing it in your organization's secure archival system.

5. Host Administrator Visibility

Host Administrators have access to a global audit log that spans all Tenants within the Host Instance.

This allows Host Admins to monitor platform-wide health, track Tenant provisioning actions, and assist Tenant Admins with security investigations. However, Host Admins cannot see the actual data within a Tenant's Power BI reports, only the metadata that a report was viewed or exported.