Skip to main content

How to access audit trail

  • Login to your idemeum admin portal
  • Navigate to ActivityAudit trail
Clean Shot 2026 05 25 At 16 12 17@2x

JIT for computers audit trail

The following events are captured for computer access. Computer access - this event provides technician email address, desktop name, and the account that was used for login. 
alex@nikpot.com logged into the Desktop W11-L-ELEVATED with account MSP-ALEX.
Log off or lock - this event provides technician email, desktop name, and account that was used. 
alex@nikpot.com has logged off the Desktop W11-L-ELEVATED with account MSP-ALEX.
Offline code retrieval - when a technician accesses offline code on a mobile device for a workstation, mobile application captures the event. 
alex@nikpot.com accessed offline code for Desktop machine W11-L-ELEVATED.

JIT for Entra audit trail

The following events are captured for Entra ID access. Entra account request - when technician navigates to idemeum portal and requests Entra ID account to be enabled or provisioned, we capture an event along with technician email address and the account name that will be provisioned. 
alex@nikpot.com requested access to application Entra 365 onmicrosoft. User account msptech6913@NETORGFT11060369.onmicrosoft.com created.
Entra account disabled - we capture audit events when technician Entra ID accounts are disabled. This happens when configured time for which account needs to stay active passed (default 4 hours). 
System disabled user account msptech6913@NETORGFT11060369.onmicrosoft.com in application Entra 365 onmicrosoft.
Entra account credentials access - audit event is captured when technicians view credentials for Entra ID accounts. 
alex@nikpot.com accessed Entra 365 onmicrosoft credentials.