This audit occurs immediately after a company-owned device is added to the Admin console. Whether the ownership of the device changed.įor example, a personal device was changed to company-owned after its details were imported into the Admin console. Identifier for the device that the event happened on The system records an entry each time a user’s device is compromised or no longer compromised. Compromised devices can be a potential security threat. Devices can become compromised if they’re rooted or jailbroken-processes that remove restrictions on a device. Is no longer syncing because an administrator disabled synchronization.Įxample: User's Nexus 6P is not compliant with set policies because device is not adhering to password policy.Isn’t in device owner mode when device owner mode is expected.Doesn’t have a work profile when a work profile is expected.Doesn’t have the latest Device Policy app installed.Violates an applied password setting or encryption policy.Whether the device complies with your organization’s policies. Whether the application is installed, uninstalled, or updatedĭate and time of the event (displayed in your browser's default time zone) Whether the account is registered or unregisteredįor app-related events, the SHA-256 hash of the application package (Android only) However, old data is still available to admins. If you downgrade to an edition that doesn't support the audit log, the audit log stops collecting data for new events.You can’t see activities for devices that sync corporate data using Google Sync.To see changes to applications on Android devices, you must turn on application auditing. ![]() ![]() To see all audit events for mobile devices, the devices need to be managed using advanced device management.Open the audit and investigation page Before you begin For example, you can see when a user added their account to a device or if a device’s password doesn’t follow your password policy. You can also set an alert to be notified when an activity occurs.įor a full list of services and activities that you can investigate, such as Google Drive or user activity, read through the data sources for the audit and investigation page. There you can view a record of actions on computers, mobile devices, and smart home devices that are used to access your organization's data. You can use the audit and investigation page to run searches related to Device log events. For information about this change, go to Improved audit and investigation experience: What's new in Google Workspace The audit log page has been replaced with a new audit and investigation page.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |