Back to top

Audit log

Last updated December 15th, 2023

Perform these steps to configure audit logging on enterprise devices. The audit log policies are supported on devices running Android 9 (Knox 3.4) to 11 (Knox 3.7.1).

Apply audit logging in Fully Managed (DO) mode or in the device side of a Work Profile on Company-owned device (WP-C)

  1. In your supported UEM, under Device-wide policies (Selectively applicable to Fully Managed Device (DO) or Work Profile on Company-owned devices (WP-C) mode as noted), turn on Enable device policy controls.

    Note

    If you are configuring audit logging in the device side of a WP-C device, you must also go to Work profile policies (Profile Owner) and turn on Enable work profile policies.

  2. Perform the following steps under Device-wide policies (Selectively applicable to Fully Managed Device (DO) or Work Profile on Company-owned devices (WP-C) mode as noted):

    1. Enable Enable Audit Log.

    2. Under Audit Log Policy Configuration > Audit Log Policies, select all the audit policies to be captured.

    3. Under Audit Log Policy Configuration > Audit Log Outcome, set the outcome of the audit log.

    4. Under Audit Log Policy Configuration > Audit Log Severity Level, set the severity level of the audit log.

    5. Under Audit Log Frequency, set how often the audit log will be captured.

Apply audit logging in Profile Owner (PO) mode or in the PO side of a Work Profile on Company-owned device (WP-C)

  1. In your supported UEM, under Work profile policies (Profile Owner), turn on Enable work profile policies.

    Note

    If you are configuring audit logging in the PO side of a WP-C device, you must also go to Device-wide policies (Selectively applicable to Fully Managed Device (DO) or Work Profile on Company-owned devices (WP-C) mode as noted) and turn on Enable device policy controls.

  2. Perform the following steps under Work profile policies (Profile Owner):

    1. Enable Enable Audit Log.

    2. Under Audit Log Policy Configuration > Audit Log Policies, select all the audit policies to be captured.

    3. Under Audit Log Policy Configuration > Audit Log Outcome, set the outcome of the audit log.

    4. Under Audit Log Policy Configuration > Audit Log Severity Level, set the severity level of the audit log.

    5. Under Audit Log Frequency, set how often the audit log will be captured.

Is this page helpful?