Audit Logs

Applies To: Wi-Fi Cloud-managed Access Points (AP125, AP225W, AP325, AP327X, AP420) This topic applies to Wi-Fi 5 access points you manage in Wi-Fi Cloud (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420).

Wi-Fi Cloud tracks administrative user activity, and you can download and view audit logs that contain a history of administrative user actions.

By default, Wi-Fi Cloud retains user audit logs for a maximum of 30 days. You can use the Audit Logs Retention Policy option to specify a retention value from 7 to 30 days.

For information on how to send audit logs to a syslog server, see Configure Syslog.

Download Audit Logs

To download audit logs from Discover:

1. Select System > Logs.
   The Audit Logs page opens.

2. From the Log Type drop-down list, select the type of log entries to download. The default option is All, which includes all log types in the download.
3. To specify which logs to download, select a From and To date and time, or select the Last option and specify a number of hours, days, or months.
4. From the Ordered by drop-down list, select an option to sort the logs by date and time, module, host address, user role, login name, type, or status of the login attempt.
5. Click Download.
   The logs download as a CSV file.

Audit Logs Retention Policy

By default, Wi-Fi Cloud retains user action logs for 30 days. You can customize the policy and set a retention value from 7 to 30 days.

To modify the audit logs retention policy from Discover:

1. Select System > Logs.
2. Click Audit Logs Retention Policy.

3. Specify the number of days to retain the audit logs.
4. Click Save.

To restore the policy to the default value, click Restore to Default.

To revert to the previous saved settings, select Revert to Previous Settings.

For more information on Wi-Fi Cloud data retention and European GDPR requirements, see GDPR Data Search and Delete in Wi-Fi Cloud in the WatchGuard Knowledge Base.