If you are logged in as a Master Administrator or an Audit user, you can see all the actions performed by all users (including all Master Administrators) on your Keepit account.

If a user attempts to perform an action that is not allowed as per their assigned permissions, this event will be recorded as a denied action. (See also: Available user roles)

The audit log records every time a user:

User events

  • Signs in or has a failed sign in attempt
  • Creates or deletes a new user
  • Changes own login or password (a user that is not a Master Admin)  
  • Edits own user information (a Master Admin)
  • Changes role, password, or expiration time of another user (a Master Admin)

Connector events

  • Creates a new connector
  • Updates a connector
  • Deletes a connector


  • Schedules a backup (a backup is scheduled the first time a user creates a connector - the next backups run automatically and are not recorded in the logs)  
  • Schedules a restore (includes import)
  • Schedules an item restore


  • Creates a new SSO configuration
  • Creates, updates, or deletes a shared link
  • Downloads a file
  • Downloads a folder as a .zip file
  • Previews a file
  • Browses data (i.e., enters a folder)
  • Browses a shared folder
  • Assigns or removes an RTBF label