Skip to main content
Passwork LogoPasswork LogoUser guides
search
7.0arrow
search
Version: 7.0

Activity log

Administrators and users with sufficient rights can view user actions in the Activity log. The actions displayed in the Activity log depend on your Passwork role and vault access levels.

Activity log interface
tip
  1. Filter the Activity log by date, users, actions and directories
  2. View detailed information about the selected action
Activity log detailed view
tip
List of activity log events

Vaults

  • Vault created
  • Vault renamed
  • Vault type changed
  • Vault deleted
  • Vault imported
  • Vault exported
  • Request for connection to vault
  • Request for connection to vault declined
  • User connected to vault
  • User direct access to vault changed
  • User direct access to vault revoked
  • User disconnected from vault
  • User left vault
  • Group connected to vault
  • Group access to vault changed
  • Group access to vault revoked
  • Group disconnected from vault

Folders

  • Folder created
  • Folder renamed
  • Folder moved to Bin
  • Folder restored from Bin
  • Folder deleted
  • Folder copied
  • Folder moved
  • Folder imported
  • Folder exported
  • User direct access to folder changed
  • User direct access to folder revoked
  • Group access to folder changed
  • Group access to folder revoked

Passwords

  • Password added
  • Password opened
  • Password edited
  • Password moved to Bin
  • Password restored from Bin
  • Password deleted
  • Password copied
  • Password moved
  • Password imported
  • Password exported
  • Password sent to user
  • User access to password changed
  • User access to password revoked
  • Password sent to group
  • Group access to password changed
  • Group access to password revoked
  • Password link created
  • Password link opened
  • Password link deleted
  • Shortcut created (password)
  • Shortcut moved (password)
  • Shortcut deleted (password)

Shortcuts

  • Shortcut created
  • Shortcut opened
  • Shortcut copied
  • Shortcut moved
  • Shortcut moved to Bin
  • Shortcut restored from Bin
  • Shortcut deleted
  • Initial shortcut password changed
  • Initial shortcut password moved to Bin
  • Initial shortcut password restored from Bin
  • Initial shortcut password deleted

Account

  • Profile and interface settings changed
  • Notification settings changed
  • Password changed
  • Master password changed
  • 2FA connected
  • 2FA enabled
  • 2FA disabled
  • 2FA reset
  • PIN for browser extension set
  • PIN in browser extension changed
  • PIN for browser extension reset
  • Auto sign-out settings changed
  • Session terminated
  • Session lifetime expired
  • Session completed
  • API tokens generated
  • API tokens revoked
  • New session
  • Sign-in attempt failed due to incorrect password
  • Sign-in attempt failed due to incorrect TOTP
  • Failed attempt to enter PIN in browser extension
  • Authentication blocked

User management

  • User created and automatically confirmed
  • User created and awaiting confirmation
  • User registered and automatically confirmed
  • User registered and awaiting confirmation
  • User confirmed
  • User role changed
  • User added to group
  • User excluded from group
  • User profile details changed
  • User profile details changed during LDAP sync
  • User session terminated
  • User authentication type changed
  • User password reset
  • User master password reset
  • User 2FA reset
  • User LDAP synchronization parameters changed
  • User blocked
  • User unblocked
  • User deleted
  • Role created
  • Role renamed
  • Role permissions and settings changed
  • Role deleted
  • Group created
  • Group renamed
  • Group status changed
  • Group deleted
  • Invite created
  • Invite sent
  • Invite deleted
  • Organization owner changed
  • Sign-in attempt with non-existent login
  • Emergency password reset
  • Emergency 2FA reset

LDAP settings

  • LDAP server added
  • Authorization via LDAP server enabled
  • Authorization via LDAP server disabled
  • LDAP server settings changed
  • LDAP user list settings changed
  • LDAP group list settings changed
  • LDAP synchronization settings changed
  • LDAP server connection tested
  • LDAP server deleted
  • LDAP user list refresh started
  • LDAP group list refresh started
  • LDAP group authorization enabled
  • LDAP group authorization disabled
  • Authorization restriction for LDAP groups enabled
  • Authorization restriction for LDAP groups disabled
  • LDAP group mapped to Passwork group
  • LDAP group unmapped from Passwork group
  • LDAP users sync with mapped Passwork groups started
  • LDAP group deleted

SSO settings

  • SSO settings changed

License info

  • License key uploaded

Vault settings

  • Vault type created
  • Vault type parameters changed
  • Vault type deleted
  • Vault settings changed

Background tasks

  • System settings changed
  • All password reindexed
  • Favicon cache reset

Activity log

  • Activity log settings changed

Background tasks

  • Background task history retention period changed
  • Test background task created
  • Background task history cleared

Settings

On the Settings tab you can configure automatic clearing of action history and its retention period.

Passwork can pass more detailed event information to Syslog or Windows event log, where it can be retrieved by Security Information and Event Management systems (SIEM). To do this, you must enable the Write activity logs to syslog or Windows event log option:

Activity log settings
tip

You can find a detailed list of events and technical information on event logging on the corresponding pages of documentation

© 2014–2025 Passwork LLC
Company
About usPrivacy policyISO 27001 certificateRelease notesRoadmapBlog
Browser extension
Google ChromeMozilla FirefoxMicrosoft EdgeApple Safari
Mobile application
App StoreGoogle Play
For business
TeamsSmall businessBusiness and corporatesEnterpriseOn-premise solutionPassword sharing toolSecret management
Help
User manualTechnical documentationHelp center