# Audit

## Description

The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported.

Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g.

```
// User changes trace
calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin"
 
// User actions trace
calendar ge "2020-01-01T00:00:00.000+01:00" AND author co "admin"
 
// Soffid accounts
calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin" AND database co "soffid"
 
// Created accounts
calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "C" AND object co "SC_ACCOUN"
 
// Removed objects
calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "D" AND object co "SC_ACCOUN"

```

<div id="bkmrk-screen-overview"><span style="color: #222222; font-size: 2.8275em; font-weight: 400;">Screen overview</span></div>[![image-1679557370520.png](https://bookstack.soffid.com/uploads/images/gallery/2023-03/scaled-1680-/image-1679557370520.png)](https://bookstack.soffid.com/uploads/images/gallery/2023-03/image-1679557370520.png)

<div id="bkmrk-custom-attributes"><span style="color: #222222; font-size: 2.8275em; font-weight: 400;">Custom attributes</span>  
<svg class="svg-icon" data-icon="link" role="presentation" viewbox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"></svg></div>- **Date/Time**: date on which the action was performed.
- **Author**: user who launched the task. When the author is empty, the Syncserver launched this task.
- **Purpose**: is the name of the internal object (also the table of the database) which the action was performed.
- **Source IP**
- **User**: identity who performed the action.
- **Information system:**  details on which information system the action was performed.
- **Role**: details the role with which the action was performed.
- **Account**: if the action has taken place on an account, it will be indicated on which one in this section.
- **Group**: details the group with which the action was performed.
- **Action**: the task performed is specified.

## Actions

<table border="1" id="bkmrk-add-or-remove-column" style="border-collapse: collapse; border-width: 1px;"><tbody><tr><td style="width: 173.636px;">**Query**</td><td style="width: 630.909px;">Allows you to query accounts through different search systems, [Quick and Advanced](https://bookstack.soffid.com/books/soffid-3-reference-guide/page/search-types "Search Types").</td></tr><tr><td style="width: 173.636px;">**Add or remove columns**</td><td style="width: 630.909px;">Allows you to show and hide columns in the table.</td></tr><tr><td style="width: 173.636px;">**Download CSV file**</td><td style="width: 630.909px;">Allows you to download a csv file with the information of audit records. </td></tr></tbody></table>