Audit Report of G-Suite
By using Login audit report you can see the login details of the users through admin panel whether it’s successful or unsuccessful login. Also you can find if any suspicious activities happened.
This is the outline regarding the method of Audit Report of G-Suite. during this Google administrator, use the Login audit log to trace sign-ins to your domain. All sign-ins from internet browsers whether or not they are successful or unsuccessful also as suspicious makes an attempt. All the suspicious login events square measure marked by red warning icon. Here is the step by step procedure to export the audit log information from the Google Admin console.
Step I: Open your Login audit log
1. Use an administrator account for sign in to Google Admin Console.
2. move to reports from the Admin console homepage.
3. Click Login.
4. By preference, click select columns at on the top right. You can choose the column you wish
to view or hide.
● Date—Date the sign-in occurred
● IP Address—Internet Protocol (IP) address utilized by the user to sign up.
● Login type (SSO only)—Displays the ways in which the user login:
Exchange - by providing existing credentials and exchanging it one of
another kind. for instance, exchanging an OAuth token for a security
Reauth - with a password re-authentication request
Security Assertion markup language - via single sign-on (SAML)
Unknown - using an unknown technique.
Step II: Know about Login audit log information
|
Data Type |
Description |
|
Event name |
The action that was logged, like a login challenge or an unsuccessful login attempt. See Event name descriptions for details. |
|
Event description |
Details of the event show within the Event name field. |
|
IP address |
Internet Protocol (IP) address that the user wants to check in to the Admin console. This may show your physical location, however, it may be something else sort of a proxy server or a Virtual Personal Network (VPN) address. |
|
Login Type |
Details of how the user signed in. |
|
Date and time range |
Date and time in which event occurred |
Step III: Customise and export your audit log information
● Filter the audit log data by user or activity
You can limit your audit log to indicate specific events or users. for example, notice all log events for when a user was there with a login challenge, or notice all login activity for a specific user.
1. As shown on top of, Open your Login audit log.
2. Click Filter.
3. choose or enter the idea for your filter.
4. Click Search.
● Export your audit log information
You can export your Login audit log information to a Google Sheet, or save it to a CSV file.
1. As shown on top of, Open your Login audit log.
2. (Preferably) On the toolbar, click choose columns to alter the data to include in your export.
3. Click download on the toolbar.
Step IV: Create email alerts
You can receive email alerts or notification for sign-in activity according to your filters.
-
As shown on top of, Open your Login audit log.
-
Click Filter.
-
Select the standards to filter within the Filters section. You cannot use IP Address and Date and time vary because of the combination of filters.
-
Click Set Alert.
-
Enter an Alert name.
-
Choose the recipients of the e-mail alert:
A. Check the box to deliver the email sent to super admin.
B. Enter the e-mail addresses of the other email alert recipients.
-
Click Save.
