Auditing events in BlackBerry UEM
If you have
BlackBerry UEMinstalled in an on-premises environment,
BlackBerry UEMkeeps administrator and security audit events in log files that you can use to investigate any administrator actions and interactions between
BlackBerry UEMand devices.
BlackBerry UEMrecords all actions that administrators perform in the management console and displays them in the Audit screen. You can filter the list of actions to display only the actions that are relevant to your investigation. For further analysis or reporting purposes, you can export the filtered list to a .csv file.
You can export security audit events to a .csv file from the Audit configuration screen. Security audit events include server actions such as the delivery of commands or policies, starting or stopping a
BlackBerry UEMinstance, initiation or termination of trust channels, certificate validation status, and changes to the audit settings. From the Audit configuration screen, you can choose the types of security events that you want to record in the log file. For some events, you can choose to log the event based on whether it completes successfully or doesn't complete.
Viewing and exporting administrator and security audit events is not supported for
BlackBerry UEM Cloud.