As an admin of a Dashlane professional plan, you can track your organization's activity from the Activity Log tab of the Admin Console. The Activity Log helps you trace and prevent security vulnerabilities for your organization. You can also conduct an audit by searching and filtering your Activity log or downloading it as a CSV file.
The Activity Log only tracks activity for the past 15 months.
Learn more about tracking your organization's activity
For the professional plans with the Spaces feature, only the actions that involve items in the Business Space will be logged in the activity logs.
How admins use spaces to secure their professional plan
View, search, and filter your Activity Log
- Open the Admin Console
-
Select Activity Log in the menu.
The Activity Log contains two tabs:
- The Activity tab shows the activity of all plan members and the date and time for each entry
-
The Account Recovery Requests tab shows all member admin-assisted recovery requests
You can use the search bar or filter by credential, category, activity type, and date.
Download your Activity Log
You can download a CSV file containing your Activity Log entries. You can customize your download using the search and filter options.
- Open the Admin Console
- Select Activity Log in the menu.
-
Select Download CSV.
What the Activity Log tracks
The Activity Log tracks the following activities.
| Log entry | Description |
| Company account | An admin changed the account name |
| Member account |
A member changed their contact email address A member changed their Master Password A member added or removed a device A member logged in on a device A member turned on or off the feature to reset their Master Password with biometric recovery |
| Member management |
A member was added, reinvited, or removed from your plan An admin promoted a member to admin, group manager, selected group manager, or billing admin An admin demoted an admin, group manager, or billing admin |
| Group management |
A group was created, renamed, or deleted A member joined a group or declined the invitation to join a group An admin invited or removed a member from a group |
| Collections |
A Collection was created, renamed, shared, revoked, or deleted A member joined a Collection or declined the invitation to join a Collection A login was added or removed from a shared Collection A Manager/Editor role for an individual or group on a shared Collection was changed |
| Billing |
An admin extended the account, such as when renewing or moving from a trial to a paid plan An admin added seats |
| Account recovery |
An admin accepted or denied an admin-assisted recovery request A member requested or recovered the account |
| Dark Web Monitoring |
A member added or removed an email address A member received an alert |
| 2-factor authentication (2FA) |
A member activated or removed a 2-factor authentication method A member enters an incorrect email verification code or 2FA token |
| Single sign-on (SSO) |
An admin turned SSO on or off An admin added or verified a domain An admin configured an SSO service provider web address An admin updated Identity Provider metadata |
| Extension deployment | Deployment set up updated |
| SCIM provisioning |
Member provisioning turned on or off Group provisioning turned on or off |
| Splunk integration |
Splunk integration turned on or off Splunk integration edited |
| Dashlane public API | Public API key activity |
| Dashlane's Command Line Interface (CLI) | Enrolled device activity |
| Credential Risk Detection |
An admin turned Risk Detection on or off An employee logs in to a website with a compromised password using Dashlane An employee logs in to a website with a weak password using Dashlane An employee logs in to a website with a compromised password while not logged in to Dashlane An employee logs in to a website with a weak password while not logged in to Dashlane An employee logs in to a website with a compromised password while not having a Dashlane account An employee logs in to a website with a weak password while not having a Dashlane account |
| Vault phishing alerts |
A plan member has received a phishing alert A plan member has entered a password after getting a phishing alert A plan member has entered a password on a risky site |
| AI Phishing Alerts |
An employee dismissed an AI phishing alert An employee accepted an AI phishing alert An employee entered a password on a site they received an alert about |
| Risk Notifications |
An admin installed or uninstalled a messaging-platform integration An admin activated or deactivated a risk notification A batch of notifications was sent to team members A member received a risk notification |
| Credential Risk Alerts |
An admin activated or deactivated a risk alert An employee received a risk alert prompting them to change an at-risk password An employee changed an at-risk password following an risk alert |
| Admin Console Insights Dashboard | An admin downloaded the Insights Dashboard report |
| Shared links with non-Dashlane users | Who created a public link, who accessed it, and when it expired |
Additional activity logs
You can turn on the additional activity logs in the Policies section of the Admin Console.
The additional activity logs are only available from the date the policy is turned on. There won't be additional logs from previous dates.
| Log entry | Description |
| Vault items |
A member adds, imports, edits, or deletes a login or secure note in their vault A member copies details or reveals sensitive fields for items in their vault, like logins, credit cards, bank accounts, secure notes, and secrets. |
| Sharing |
A member shares a login from their vault A member shares a secure note from their vault A member edits or revokes a shared login A member edits or revokes a shared secure note A member accepts or rejects a shared login A member accepts or rejects a shared secure note |
| AI-Powered Autofill |
A member autofills a login from their vault A member autofills a payment from their vault A member logs in with a passkey from their vault |
| Password Health |
A member excludes logins from their Password Health score A member includes logins on their Password Health score |