Account Management audit logs

  • Explanation
  • 5-min read
  • Published Nov 11, 2025

Dynatrace provides audit logs of all changes to your account-level identity and access (IAM) management settings, including:

  • Group permissions.
  • Group memberships policies.
  • Boundaries.

Administrators can view these logs in Account Management > Settings > Audit log.

For more information about audit logs, see Audit logs on Grail.

Required permissions

To view Account Management audit logs you need the following permissions:

  • To view the Audit logs page, you need the account-company-info role.

  • To access audit logs via API, you need

    • An OAuth client with the account-audit-logs-read scope.
    • The account-company-info role.

Audit log contents

Each audit log contains all information about a specific configuration change. These could be caused by a UI interaction, an API call via Dynatrace Platform Subscription API, a system event, or a scheduled non-interactive task.

This includes, for example:

  • Timestamp: The time at which the request was processed. (All time references are based on the UTC+0 time zone.)

  • User: The user that made change. (The DYNATRACE user indicates a change made by a Dynatrace employee or an internal system event.)

  • Event provider: The category of resource in which the change was made, such as IAM (Identity and account management).

  • Event type: A specific identifier from the area that specifies the change that is recorded in the audit log.

  • Resource: The identifier of the resource that is being audited.

  • Resource name: The name of the resource.

Examples of complete audit log entries are provided at Account Management audit log examples.

How to use the Audit log page

Audit log view in Account Management

The Audit log page has four main sections:

  • A text box in which you can search for and filter log entries.
  • A table that contains the main information related to the configuration change.
  • A diff-style view of the change.
  • Complete information related to the configuration change.

Filter

The Filter text box is visible at the top of the Audit logs screen. Use the filter to run and filter queries by the contents of the configuration change. You can run queries with or without filters.

In any case, a maximum of 1,000 audit logs can be returned in a single query.

You can filter by

  • User
  • Event provider
  • Event type
  • Resource
  • Resource name
  • Timeframe

To run a query, select either Update or Refresh (depending on whether or not you've already run a query).

Select the right timeframe scope
  • If you get a No data available message, expand the search timeframe to include a wider range of dates.
  • If your timeframe is set too large, it's possible that some individual log messages will not be read during processing, and therefore will not be presented via the UI or API.

Main information

The table, visible in the middle of the page, presents the main information related to the request.

To view all information about a given log entry, select that entry in the table. The diff-style view and Raw data pane open at the bottom of the screen.

Diff-style view

When you select a log entry, a pane opens at the bottom of the page to show the specific change that was made.

  • Previous state: The value prior to the change.
  • Current state: The value after the change.

Raw data

The Raw data pane, to the left of the diff-style view, contains the complete JSON contents of a given audit event.

Use the Search raw data field to search for specific text strings within the payload.

Related tags
Dynatrace Platform