How to Find Out Who Made a Change in the User Profile Using System Logs
Okta Classic Engine
Okta Identity Engine
Administration
Overview
Changes to an end user's profile can be traced by using a set of System Log queries.
Applies To
  • Classic
  • OIE
  • System Logs
  • User Profile Changes
Solution

Use event types in the System Log to find this information.
Specifically, these are the events most likely to be of interest:


  • directory.app_user_profile.update - Update application user profile.
  • system.agent.ldap.update_user - Fired when LDAP Delegated Authentication is used to sign in and a user profile is updated. Can be used by admins to identify user profile changes resulting from corresponding changes in the LDAP directory. The previous name for this event was system.agent.ad.update_user.
  • user.account.update_profile - Update user profile for Okta.
  • user.account.update_user_type - Fires when a user changes from one type to another. Can be used to audit when a user gets converted from a contractor to a full-time employee. Data includes the old and new type IDs. There may be an accompanying update_profile event if values were changed.

Enter the following in the search bar when searching the System Log:

eventType eq "directory.app_user_profile.update" or eventType eq "system.agent.ldap.update_user" or eventType eq "user.account.update_profile" or eventType eq "user.account.update_user_type"

If required, download the CSV or click Expand All to view the details of each event.
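
The same review can be scripted once events are available as JSON. The following is an added example, not part of the original article or Okta's own code: it assumes each event follows the System Log API's event shape (eventType, published, actor, target), and the helper names build_filter and who_changed_what, along with the sample events, are constructed for illustration.

```python
import json

# The four event types named in the article.
PROFILE_EVENT_TYPES = (
    "directory.app_user_profile.update",
    "system.agent.ldap.update_user",
    "user.account.update_profile",
    "user.account.update_user_type",
)

def build_filter(event_types=PROFILE_EVENT_TYPES):
    """Rebuild the search-bar expression from the list of event types."""
    return " or ".join(f'eventType eq "{t}"' for t in event_types)

def who_changed_what(events):
    """One row per profile-change event: when, who acted, on which user."""
    rows = []
    for ev in events:
        if ev.get("eventType") not in PROFILE_EVENT_TYPES:
            continue
        actor = ev.get("actor") or {}
        targets = ev.get("target") or []          # target may be null
        users = [t for t in targets if t.get("type") == "User"]
        subject = (users or targets or [{}])[0]   # prefer the User entry
        rows.append({
            "published": ev.get("published"),
            "eventType": ev["eventType"],
            "actor": actor.get("alternateId"),
            "target": subject.get("alternateId"),
            # Same id on both sides means the user edited their own profile.
            "selfChange": bool(actor.get("id")) and actor.get("id") == subject.get("id"),
        })
    return sorted(rows, key=lambda r: r["published"] or "")

# Constructed sample events (assumed event JSON shape, not real log data).
SAMPLE_EVENTS = json.loads("""[
 {"published": "2024-03-02T10:15:00.000Z", "eventType": "user.account.update_profile",
  "actor": {"id": "00uALICE", "type": "User", "alternateId": "alice@example.com"},
  "target": [{"id": "00uALICE", "type": "User", "alternateId": "alice@example.com"}]},
 {"published": "2024-03-01T09:00:00.000Z", "eventType": "user.account.update_profile",
  "actor": {"id": "00uADMIN", "type": "User", "alternateId": "admin@example.com"},
  "target": [{"id": "0oaAPP", "type": "AppInstance", "alternateId": "Example App"},
             {"id": "00uALICE", "type": "User", "alternateId": "alice@example.com"}]},
 {"published": "2024-03-01T09:05:00.000Z", "eventType": "user.session.start",
  "actor": {"id": "00uALICE", "type": "User"}, "target": null}
]""")

if __name__ == "__main__":
    print(build_filter(), *who_changed_what(SAMPLE_EVENTS), sep="\n")
```

Rows where selfChange is false and the actor is another account are the ones to follow up on when the question is who changed someone else's profile.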
