Audit log

For:
Marketers Agencies Ad networks
Last update:

At a glance: Identify and protect against unauthorized access to your AppsFlyer account using the Audit log. View and download a summary of security-related activity in your account.

Overview

In order to protect the security of your AppsFlyer account, it is advisable to periodically review who is accessing your account and how it is being accessed. The Audit log provides a central location to review the following types of activity in your account:

  • System access (user logins, login attempts, and logouts)
  • Changes to User management settings (add, edit, or delete users)
  • API calls (accessing services)
  • Integrated partner permissions (turning on/off, modifying permissions)
  • Validation rules (creating, updating, deleting validation rules)
  • Allowlists (API allowlist and Redirect allowlist activities)
  • My apps (adding, updating, and removing apps)
  • Audiences (creating, updating, splitting audiences)
  • Incrementality for retargeting (creating, updating, deleting experiments)
  • Incrementality for UA (creating, ending, deleting experiments)

Audit log data is available for the past 90 days.

To access the Audit log:

  1. From the menu bar, access the user menu (email address drop-down).
  2. Select Security center.
  3. In the Audit log section, click View audit log.

Using the Audit log

A description of the data provided by the audit log and a summary of its capabilities are provided in the table below.

audit_log.png

  Item Description

A.png

 Search box & filters

Filter the displayed data to focus only on what you want to see:

  • Use the search box to filter the data by a specific term (such as a relevant App ID, email address, etc.)
  • Use the date picker to select the timeframe for which data is displayed
  • Use the service filter to filter the data based on the specific services accessed:
    • System access
    • Integrated partner permissions
    • User management
    • Validation Rules
    • API calls

    Note that the API calls service is deselected by default in order to optimize report readability. Be sure to select this service if you want to include it in the report.
B.png Audit log data

Each entry in the the audit log includes the following data:

  • Date & time: the date and time the service was accessed (in UTC)
  • App/account accessed:
    • For user logins (System access) and User management, this column shows Account (indicating account-level access).
    • For API calls, this column shows either Account access or the App ID of the app for which data was accessed.
  • Credentials
    • For System access or User management, this column shows the email address of the user accessing the service.
    • For API calls, this column shows the AppsFlyer API token used (V2)
  • Service: the service that was accessed (System access, User management, or API calls)
  • Action: the logged action (examples: login, logout, the data accessed by an API)
  • Details: Additional details about the logged action
C.png audit_log_download_button.png

Click the download button to download the audit log as a CSV file.

  • All selections applied to the report as displayed on screen (using the search box and filters) are applied to the downloaded file as well.

Troubleshooting

Why does an advertiser's audit log show partner API call requests?

When a partner makes an API request on an app owned by an advertiser, both the partner and the advertiser see the request in their audit log. 

When an advertiser makes an API request using their own token, it will only show in the advertiser's audit log.