How to Search System Log for Actions Created by Group Rules
Dec 3, 2025
Administration
Okta Classic Engine
Okta Identity Engine
Overview
This article describes how to search in the System Log for actions created by Group Rules activities.
Applies To
- Group Rules
- System Logs Events
Solution
- Go to Admin > Reports > System Logs.
- Use the next search filters:
- After creating a Group Rule
eventType eq "policy.rule.add" and target.detailEntry.policyType eq "group_rule"
- After updating a Group Rule
eventType eq "policy.rule.update" and target.detailEntry.policyType eq "group_rule"
- For group rule activation/deactivation
eventType eq "policy.rule.activate" and target.detailEntry.policyType eq "group_rule"
eventType eq "policy.rule.deactivate" and target.detailEntry.policyType eq "group_rule"
- After deleting a Group Rule
eventType eq "policy.rule.delete" and target.detailEntry.policyType eq "group_rule"
- Group rule triggered when the condition is successfully met
eventType eq "group.user_membership.rule.trigger"
- When a user is added to a Group by a Group Rule, the event is recorded, and the Group Rule ID can be used to search for that information in System Logs.
eventType eq "group.user_membership.add" and debugContext.debugData.triggeredByGroupRuleId eq "0pr.............697"
