User report and admin audit log
In G Suite, Reports and Audits refer to a set of tools that provide administrators with insights into how their organization is using G Suite. These tools allow administrators to track user activity, monitor security events, and troubleshoot issues.
There are several types of Reports and Audits available in G Suite, including:
User Reports: These reports provide administrators with information on how users are using G Suite services, such as Gmail, Drive, and Calendar. Usage reports can help identify which services are most heavily used, which users are inactive, and how much storage is being used.
Admin Audit Logs: These logs provide a detailed record of administrative actions taken within G Suite, such as user account changes, settings modifications, and login events. Admin audit logs can help administrators track changes made to their organization's G Suite configuration and identify any unauthorized activity.
By using Reports and Audits in G Suite, administrators can gain valuable insights into how their organization is using G Suite, identify potential security risks and issues, and take action to address them.
Reports:
The general steps for using Reports in G Suite:
Step 1: Log in to the G Suite Admin console using an account with administrative privileges.
Step 2: Click on the Reporting -> Reports section of the Admin console, depending on the type of report you want to run.
Step 3: Select the type of report you want to run, for example, “User reports” -> Accounts
Step 4: Click on the download option for fetching all the users reports. ( Also, you can fetch a single user report by setting a Add filter - User name - Enter the user Email ID )
Step 5: Select the columns and format -> Click on Download
Step 6: Review the report log to gain insights into how your organization is using G Suite, identify potential issues or security risks, and take action as needed.
Please find the below Google article for your reference.
Audit and investigation:
The general steps for using Audit and investigation in G Suite:
Step 1: Log in to the G Suite Admin console using an account with administrative privileges.
Step 2: Click on the Reporting -> Audit and investigation section of the Admin console, depending on the type of audit you want to run.
Step 3: Select the type of audit you want to run, for example, “Admin audit log”
Step 4: You can fetch a single user report by setting a Add filter - Actor - Enter the user Email ID -> Apply -> Click on Search
Step 5: After fetching the particular admin event - Click"Export" to generate the audit log by providing the Name of the file and Format of the file.
Step 6: Review the audit log to gain insights into how your organization is using G Suite, identify potential issues or security risks, and take action as needed.
Please find the below Google article for your reference.
https://support.google.com/a/answer/4579579?hl=en&sjid=14927319428079630861-AP
Note: Keep in mind that these are general steps and the specific process may vary depending on the type of report or audit you want to run. It's recommended to consult the official G Suite documentation for detailed instructions on how to use Reports and Audits in G Suite.