All Products
Search

This Product

    Drive and Photo Service:Team log audit

    Document Center

    Drive and Photo Service:Team log audit

    Last Updated:Nov 07, 2025

    This topic describes the log audit feature, which helps administrators review and manage user historical operations.

      Note

      The log audit feature for super administrator/disk administrator covers all enterprise members, while the team administrator is limited to log audit for their responsible team.

      The log audit page displays operation information of all team members across different platforms (wap, app, web, PC), including operator, operation item, operation details, and client information. Logs are retained for 180 days.

    Procedure

    1. After you log on to the management console, select Log Audit to open the log audit page. You can filter operation logs by the following five dimensions:

      • Time: Set a start and end date to query logs from a specific time period.

      • Space: Filter by enterprise space, team space, or personal space.

      • Operator: Filter by a specific user or their team.

      • Operation type:

        • User operations: Basic file operations, file sharing, file sharing and disk authorization, and account operations.

        • Administrative operations: User and team management, storage management, security policies, log audit, enterprise settings, and dedicated logon configuration.

      • Object (File name): Enter a full file name to locate specific operation records.

      Supported operations:

      • Click Query to apply the filter conditions.

      • Click Reset to clear all filter options.

      • Click Refresh to retrieve the latest log data.

      • Click Export Log to export the currently filtered results to a file for compliance audits or further analysis.

      Log entries include the operation time, operator, operation type, operation object, action details, and device information, such as the IP address and client type. This ensures that enterprise data is traceable and manageable.

      image

    Operation type

    User usage category

    1. File Basic Operations: Upload, download, preview, online editing, shift, copy, rename, add to favorites/remove from favorites, preview/extract compressed files, create folder, create file, add/modify/delete notes, delete, recover from recycle bin, permanently delete, empty recycle bin, permanently retain/cancel permanent retention of versions, add/modify/delete version marks, recover/delete historical versions.

    2. File Sharing: Create sharing, modify sharing, cancel sharing, preview files via sharing link, save files via sharing link, download files via sharing link, upload files via sharing link.

    3. File Sharing And Disk Authorization: Create sharing, cancel sharing.

    4. Account: Successful logon.

    Management control category

    1. User And Team Management:

      1. User management: Create user, disable user, enable user, edit user, delete user, switch user role, set account validity period, change super administrator.

      2. Team management: Create team, edit team, delete team, add team member, delete team member, switch team role.

    2. Storage Management:

      1. User space: Create, disable, enable, edit, delete, or transfer a user space.

      2. Team space: Create, disable, enable, edit, or delete a team space.

    3. Security Policy: Sharing management, sharing/authorization management, preview watermark.

    4. Log Audit: Export logs.

    5. Enterprise Settings: Standard customization, advanced customization, permission template, file settings, file access, historical version settings.

    6. Dedicated Logon Configuration: DingTalk, RAM, LDAP, Microsoft, SAML, and Lark configurations.