Automation Cloud admin guide

Last updated Oct 9, 2025

About logs

A log is an array of data ordered by time that follows the "first in, first out" rule. That means the oldest log entry is the first one deleted at the end of the retention period. Logs help with debugging issues, increasing security and performance, or reporting trends.

Cloud Portal and cloud services are using different types of logs to help with debugging issues, increasing security and performance, or reporting trends.

Audit logs

Audit logs are a special type of logs that help to gain insight into events that happened within your organization. It answers the who, when, and where for every event, and it allows you to keep track of important changes.

Note:

When extracting audit logs, only the last 5000 entries are downloaded.

Organization administration

The Audit Logs page captures actions performed from the Admin pages and log in activity for the organization. This includes user log in activity, license upgrades, any changes made to your tenants, refresh of an API key, and more.

As the organization administrator, you can view the audit logs by going to Admin > Organization > Audit Logs.

Note:

Each audit log entry is kept for approximately 30 days in the case of Community accounts, and for two years for Enterprise.

To keep the logs beyond this limit, we recommend to periodically archive them as CSV files to your local storage. Select Download to export the audit logs.

Automation Ops

This section describes the audit log actions recorded for Automation Ops. For each action, the following table lists what action is logged and the captured information:

Category	Action	Description	Logged Information
Governance	Create Policy	A user successfully creates a new policy.	Policy name, product name, policy data, priority, availability.
Governance	Edit Policy	A user successfully edits an existing policy.	For both the original policy and the edited policy: name, product name, policy data, priority, availability.
Governance	Upload Policy	A user successfully uploads a policy.	Policy name, product name, policy data, priority, availability.
Governance	Delete Policy	A user successfully deletes a policy.	Policy name, product name, policy data, priority, availability.
Governance	Deploy To Tenant	A user successfully deploys one or more policies at tenant level. Each per-product edit is tracked in a separate log, regardless of whether or not it is the result of a bulk action.	Policy name or No policy / Inherit, license name, product name, tenant name.
Governance	Deploy To Group	A user successfully deploys one or more policies at group level. It includes all actions that can affect the deployment settings: editing a group’s deployment settings removing a group deployment (results in Inherit) Each per-product edit is tracked in a separate log, regardless of whether or not it is the result of a bulk action.	Policy name or No policy / Inherit, license name, product name, group name.
Governance	Deploy To User	A user successfully deploys one or more policies at user level. It includes all actions that can affect the deployment settings: editing a user’s deployment settings removing a user deployment (results in Inherit) Each per-product edit is tracked in a separate log, regardless of whether or not it is the result of a bulk action.	Policy name or No policy / Inherit, license name, product name, user name.
Governance	Edit Version	A user performs a successful upgrade / downgrade of a policy template Each per-product edit is tracked in a separate log, regardless of whether or not it is the result of a bulk action.	Product name, old template version, new template version (major.minor.patch).
Source Control	Set up connection	A user succesfully creates a new connection to an external provider.	Organization name (GitHub) / Account Id (Azure)
Source Control	Remove connection	A user succesfully removes a new connection to an external provider.	Organization name (GitHub) / Account Id + Account name (Azure)
Source Control	Connection synchronization	The connection to an external provider is updated.	Organization name (GitHub) / Account Id + Account name (Azure)
Artifacts	Add Custom Feed	A user adds a custom feed.	Feed name, type, URL, security method, description.
Artifacts	Deploy Feed To Tenant	A user deploys a feed to a tenant.	Feed name and URL, tenant name.
Artifacts	Remove Feed From Tenant	A user removes a feed from a tenant.	Feed name and URL, tenant name.
Artifacts	Remove Custom Feed	A user deletes a feed.	Feed name, type, URL, security method, description.
Artifacts	Edit Feed	A user edits the details of a feed.	For both the original feed and the edited feed: name, type, URL, security method, description, tags.
Artifacts	Upload Package	A user uploads a package to a feed.	Package name and version, feed name and URL.
Artifacts	Remove Package	A user removes a package from a feed.	Package name and version, feed name and URL.
Artifacts	Copy Package	A user copies a package from one feed to another.	Package name and version, name and URL of source and destination feeds.

Orchestrator

The audit from the Orchestrator service lists all the events linked to a specific tenant. You can notice folders or machines creations, packages uploads, roles assignments, or settings updates. Simply put, every step that may influence the orchestration process is captured inside the Orchestrator's Audit page.

You need to be an Administrator to access the Audit page at the tenant level.