DocumentationAPI ReferenceRelease Notes
Log In
Documentation

Vault Account Activity Report

Suggest Edits

Reporting is available to track account and user activity. Report administrators and users can view and track information about the following:

  • Account creations and deletions
  • Credential check-ins and check-outs
  • Personal credential used
  • Password rotations and changes

How do I access the Vault Account Activity Report page?

  1. Sign into app.beyondtrust.io.
    The BeyondTrust Home page displays.
  2. From the main menu, click Privileged Remote Access > Reports.
    The Reports page opens and the Access tab displays by default.
  3. Click the Vault tab.
    The Vault Account Activity Report page displays.

The Vault Account Activity Report page


  1. Left menu: Easy access to all pages in Privilege Remote Access, including Home, Status, Consoles & Downloads, My Account, Configuration, Jump, Vault, Console Settings, Users & Security, Reports, Management, and Appliance pages.
  2. Status: Takes you to the Status page.
  3. Header: Change tenant site and obtain user profile setting information.
  4. Date Range: View all events within a specific date range.
  5. Account: View all events associated with a specific account.
  6. Performed By: View all events involving a specific user, API account, or the system.
  7. Selection options: Allows you to choose the following options:
    • Reset - Resets all selected items.
    • Download Report- Allows you to download the report in various formats (CSV or Microsoft 2003 or 2007 Excel).
    • Show Report- Displays the report based on the criteria you select.

The report provides the following information:

  • Timestamp: The date and time the event occurred.
  • Account: The account name used with the event.
  • Event Type: The type of event which occurred, such as a credentials checked in or checked out, or password rotated.
  • Performed By: The user who triggered the event.
  • Data: Relevant system information message, for example if a password rotation failed, the error message is indicated.
  • Endpoint: The system where the event the event occurred.
  • Data Service: This column appears in the reporting results only when the Include Windows services events option is enabled. Any error messages that occur with service account rotation events are shown in this column.

ℹ️

Note

  • Events are logged in order to generate reports, and these logs are saved for 90 days.
  • Non-administrative users may experience a more limited user experience depending on the access granted to them by their administrator. For example, a Vault user with limited permissions may potentially see only the Accounts, Vault, and Reports , Vault tabs.
  • If a user has been anonymized in an effort to follow compliance standards, the Vault Account Activity Report may display pseudonyms for user data or may indicate information has been deleted. To learn more about data anonymization and deletion for compliance efforts, please see Compliance reports.

Updated 2 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.