If you are logged in as a Master Administrator or an Audit user, you can see all the actions performed by all users (including all Master Administrators) on your Keepit account.

If a user attempts to perform an action that is not allowed as per their assigned permissions, this event will be recorded as a denied action. (See also: What user roles are available in Keepit?)

The audit log records every time a user:

User events

  • Signs in or has a failed sign in attempt
  • Creates or deletes a new user
  • User (that is not Master Admin) changes own login or password
  • Master Admin edits own user information
  • Master Admin changes role, password, or expiration time of another user

Connector events

  • Creates a new connector
  • Updates a connector
  • Deletes a connector


  • Schedules a backup (a backup is scheduled the first time a user creates a connector - the next backups run automatically and are not recorded in the logs)  
  • Schedules a restore (includes import)
  • Schedules an item restore


  • Creates a new SSO configuration
  • Creates, updates, or deletes a shared link
  • Downloads a file
  • Downloads a folder as a .zip file
  • Previews a file
  • Browses data (i.e., enters a folder)
  • Browses a shared folder

 See also: How to view audit logs