Auditing events in
BlackBerry UEM

If you have

BlackBerry UEM

installed in an on-premises environment,

BlackBerry UEM

keeps administrator and security audit events in log files that you can use to investigate any administrator actions and interactions between

BlackBerry UEM

and devices.

BlackBerry UEM

records all actions that administrators perform in the management console and displays them in the Audit screen. You can filter the list of actions to display only the actions that are relevant to your investigation. For further analysis or reporting purposes, you can export the filtered list to a .csv file.

You can export security audit events to a .csv file from the Audit configuration screen. Security audit events include server actions such as the delivery of commands or policies, starting or stopping a

BlackBerry UEM

instance, initiation or termination of trust channels, certificate validation status, and changes to the audit settings. From the Audit configuration screen, you can choose the types of security events that you want to record in the log file. For some events, you can choose to log the event based on whether it completes successfully or doesn't complete.

Viewing and exporting administrator and security audit events is not supported for

BlackBerry UEM Cloud

Configure audit settings

View and filter the administrator audit events

Export administrator audit events to a .csv file

Export security audit events to a .csv file

Delete audit records

Auditing events in BlackBerry UEM

Auditing events in
BlackBerry UEM