Activity logs

View and download event logs.

The Monitor Activity logs page displays logged events. Each event has a type, description, and timestamp:


Activity log list

Tip: Check out the Notification Center Activity tab, which contains the same events as the Activity logs page.
The system retains activity logs for 90 days. If you need to keep events for audit purposes, you can download them in a .csv file.
By default the Activity logs table lists all events for the current day. You can:
  • Change the date range.
  • Search for a string, such as a user name.
  • Filter by activity type.

Event categories

The events logged in the Activity table are also accessible from the Public API. Select a category from the dropdown list to view events of that type. The following table describes events for each category:

Category Description
All activities Events in chronological order with no filter applied.
ACL Events related to user accounts and groups, including permission changes for assets.
APIM APIM user activities and subscription user notifications:
  • API published, unpublished, deprecated, retired, or migrated from legacy APIM to APIM 3.0
  • Developer portal user membership pending, approved, or removed
  • User subscription pending or approved
Asset Events related to assets such as projects, pipelines, accounts, and files (viewed, downloaded, or accessed):
  • Asset created, created by import, moved, deleted, updated, or renamed
  • Asset ownership changes
  • Asset ACL added or removed
User Events related to user accounts:
  • User created, deleted, added to a group, removed from a group, authorization failed, log in (session created), log out (session deleted), locked out, or unlocked
  • User password changed or reset
Policy

Policy created, removed, or updated at any level in the environment, including projects and shared folders in Classic Manager and the API and version level in APIM.
Distribution (Dist)

For Snap Pack distributions:

  • Change in the Snap Pack asset label (Dist override)
  • Change in the Snap Pack asset FQID (Dist change)
Environment (Org) Changes to environment settings:
  • Single Sign-On via SAML v2.0 requests signed update, context added, updated or removed
  • Auto upgrade Snaplex enabled or disabled
  • Snaplex version updated
  • Account data encryption settings, sensitivity levels
  • Trusted Orgs added or removed
  • Configure session or idle timeout
  • User password expiration notice or period change or all passwords expired
  • Alerts/Activity log notification changes
  • User notifications add or remove slack change workspace name
  • Snaplex Notification: email or Slack added or removed
  • Email Encryption enabled or disabled
  • Pipeline Validation enabled or disabled
  • Cloud-triggered, CORS, and Groundplex allowlists added, updated, or removed
  • Cloud Pattern Catalog enabled or disabled
  • SnapGPT enabled or disabled
  • Regression Test Settings enabled, disabled, Snaplex or result directory changed
Project Project-level change to the pipeline validation setting.
Snaplex Changes to Snaplex version, state changes, and events:
  • Node added, restarted, put into or leaves maintenance mode, or crashes
  • Snaplex congested
  • Pipeline terminated
Session User session start and end.
Group Group created updated or deleted.
SnapLogic admin update Changes to SnapLogic admin access.
The following sections describe some specific activities of interest.

Snaplex pipeline interrupter event

When a pipeline is terminated due to excessive memory usage on the Snaplex node, an alert is listed under both the alert categories Snaplex and All. This alert displays the pipeline name, path, and an error message. The Environment admin can also create Alerts/Activity log notifications. For more information refer to create a notification rule.
Activity log for terminated pipeline


Activity log for terminated pipeline in Snaplex tab

OAuth2 token refresh failures

The SnapLogic Platform refreshes the OAuth2 tokens automatically every 20 minutes for accounts that are set to auto-refresh. Failures can occur for several reasons:
  • Incorrect OAuth configuration settings
  • Expired credentials (outdated API keys or access tokens)
Stale account status

The SnapLogic Platform detects failures in the OAuth token refresh process and marks accounts that fail 18 times as stale. This mechanism prevents the refresh of the auto-refresh for the accounts marked as stale. This applies only to accounts that have the auto-refresh functionality enabled. You can view the stale accounts in the Activity log as displayed in the image below:


Activity log for OAuth refresh

You can create a notification rule to receive alerts (via email and Slack) for stale accounts. After you set up a notification rule, you will receive an email or Slack notification similar to the example below:
Stale account notifcation

Email and Slack notifications

The following table lists the events for which Environment admins can create email or Slack notifications:

Notification category Available types
Account Account stale
ACL User permission added to or removed from an asset's Asset Control List (ACL)
API Concurrent or daily API usage
APIM Migration from APIM to APIM 3.0 or pending subscription
Asset Asset created, deleted, updated, moved, renamed, ownership change, or account stale
Broadcast message Custom message sent to all environment users
Dist Snap Pack change in the asset label, override of the FQID, or subscribe
Group

Group create, delete, update, or create provisioned
Session Session start, end, or SSO session
Snaplex Auto scale config update, congestion, node added, node connection rejected, node crash, enter maintenance mode, leave maintenance mode, node restart, pipeline interrupter, or version update
Snaplex node CPU utilization, disk usage, or memory usage
Task Execution duration percentage over or time limit
User
  • User created, deleted, updated, locked out, unlocked, or auth failure
  • Password change, reset, or reset link