Ask Zac
Security & SSO intermediate 20 minutes

How to review Zoom admin audit logs

Learn how to review zoom admin audit logs. Step-by-step guide for Zoom administrators with prerequisites, detailed instructions, and troubleshooting tips.

Published February 26, 2026

The Zoom admin audit logs provide a detailed record of actions performed within your Zoom account, enabling you to monitor user activity, troubleshoot issues, and maintain compliance. To review the Zoom admin audit logs, access the Zoom web portal as an administrator, navigate to the Audit Logs section within the Admin Dashboard, and then filter and export the logs as needed. This allows you to analyze specific events and user actions.

Prerequisites

  • A Zoom account with administrator privileges.
  • Pro, Business, Education, or Enterprise plan.
  • Access to the Zoom web portal.

Accessing the Audit Logs

  1. Sign in to the Zoom web portal as an administrator.
  2. In the navigation menu, click Advanced, then click Audit Logs. This will take you to the Audit Logs page.

Filtering Audit Logs

  1. On the Audit Logs page, specify the date range for the logs you want to view using the From and To date pickers. The maximum date range is one month.
  2. In the Activities dropdown menu, select the specific activities you want to audit. Examples include User Management, Group Management, Meeting Management, and Account Settings.
  3. (Optional) In the Users field, enter the email addresses of the specific users whose activities you want to audit. If you want to view logs for all users, leave this field blank.
  4. (Optional) In the IP Address field, enter the IP address of a specific user, if you want to view the activities associated with that IP.
  5. Click the Search button to apply your filters. The audit logs that match your criteria will be displayed in a table.

Understanding the Audit Log Table

  1. Review the columns in the audit log table. The columns typically include:
    • Date: The date and time the activity occurred.
    • Activity: A description of the activity that was performed (e.g., “User Created”, “Meeting Updated”).
    • User: The email address of the user who performed the activity.
    • IP Address: The IP address from which the activity was performed.
    • Data: Additional details about the activity, such as the user that was modified or the meeting that was updated.

Exporting Audit Logs

  1. After filtering and reviewing the audit logs, click the Export button to download the logs in CSV format.
  2. In the Export Range window, you can either export the current page or specify a custom range.
  3. Click Export to download the CSV file to your computer.
  4. Open the CSV file with a spreadsheet program like Microsoft Excel or Google Sheets to further analyze the data.

Troubleshooting Specific Activities

  1. User Management: To review logs related to user creation, deletion, or modification, filter the logs by “User Management” in the Activities dropdown. This is useful for tracking changes to user accounts.
  2. Meeting Management: To monitor changes made to meetings, such as scheduling, updating, or deleting, filter the logs by “Meeting Management”. This helps identify unauthorized changes to meeting configurations.
  3. Group Management: If you want to track the activities related to creating, deleting or changing groups on your account, filter logs by “Group Management”
  4. Account Settings: To review changes to account-level settings, such as security settings or feature configurations, filter the logs by “Account Settings”.
  5. Role Management: To review the changes made to the role configuration of a user on the account, filter logs by “Role Management”.

Common Issues

  • No logs are displayed: Ensure that you have selected a valid date range and that activities have occurred within that range. Widen the date range and remove filters to see if any logs appear.
  • Incorrect time zone: Audit logs are displayed in UTC time. Adjust your local time zone accordingly when reviewing the logs.
  • Missing specific activities: Verify that the specific activity you are looking for is included in the selected activities filter. Try selecting all activities to see if it is logged under a different category.
  • Exported CSV is unreadable: Ensure that your spreadsheet program supports CSV files and that the character encoding is correctly set (usually UTF-8).
  • Exceeding maximum date range: Audit Logs can only be requested for one month at a time, if you are looking for older logs, perform several exports for smaller timeframes.

Frequently Asked Questions

How long are Zoom admin audit logs retained?

Zoom retains admin audit logs for a period of 180 days. After this period, the logs are automatically purged and are no longer accessible.

Can I export the Zoom admin audit logs?

Yes, you can export the audit logs in CSV format for offline analysis and reporting. This allows you to further investigate events and maintain a record for compliance purposes.

What kind of information is included in the Zoom admin audit logs?

The audit logs contain details about administrative actions performed within the Zoom account, such as user management activities, changes to account settings, and security modifications. This includes the user who performed the action, the date and time, and the specific changes made.

Who has access to view the Zoom admin audit logs?

Typically, only users with the 'Admin' role or custom roles with the necessary permissions can access and review the Zoom admin audit logs. Ensure your organization's role assignments are aligned with your security policies.

Need help configuring this?

Ask Zac can walk you through the setup step by step, or configure it for you automatically.

Try Ask Zac →