This quick step-by-step guide will help End Users navigate and utilize the Audit Logs feature within the PowerDMARC portal. Whether you're a Main Admin or Sub Admin, gaining visibility into the actions performed across your account is essential for upholding operational transparency and internal accountability.
What Is the Audit Log Feature?
The Audit Log is a vital component of the PowerDMARC platform that captures a chronological record of user activities within your account. This includes—but is not limited to—login attempts, configuration updates such as changes to SPF, DKIM, DMARC, and MTA-STS, user management operations (e.g., role changes, user additions/removals), policy modifications, and toggling of various features.
By offering detailed tracking of these activities, the Audit Log supports internal compliance efforts, strengthens security oversight, and provides a clear audit trail for any necessary reviews or investigations.
How to Access Audit Logs
Log into your PowerDMARC portal.
Click on “Settings” and then "Audit Log"
Use the filter options to search by Activity, user, or date
You will see a full view of actions performed across your domain
You can also export logs for audit purposes
Audit Logs — Deleted User Visibility Enhancement
The Audit Logs feature has been updated to maintain full traceability even when a user account has been deleted. Previously, deleting a user caused all associated log entries to lose their identifiable context, creating gaps in security monitoring and compliance reporting. With this enhancement, deleted users remain visible in audit logs so you can continue to track all actions performed by or on that account.
What's Changed
Persistent User Identity User identity, email address, and IP address are now captured directly in the audit log record at the time the action occurs. This means the information persists in the log even if the user account is later deleted. This applies to:
End User accounts
MSSP accounts viewing logs as MSSP
MSSP accounts viewing logs as Account Users
"(Deleted User)" Label When a user referenced in a log entry no longer exists in the system, the audit log will display a (Deleted User) label next to their identifier. This label appears in both the Performed By and Target User fields wherever user identity is shown.
Deleted User Filtering The user filter dropdown on the Audit Logs page now includes deleted user accounts. Deleted users are visually differentiated from active users (greyed out) and can be selected alongside active users in a combined filter.
Tips for Effective Use
Regularly monitor the logs to catch any unauthorized or unexpected changes.
Set internal guidelines for reviewing logs monthly or weekly.
Sub admins are limited to viewing their actions.
Use the export feature for archiving or compliance audits.
Important Notes
Audit logs are immutable — the (Deleted User) label is display-only and does not modify the underlying log record.
This enhancement does not restore deleted user accounts or affect existing user deletion workflows.
All existing filtering and log separation behaviour remains unchanged.
Conclusion
The Audit Log feature in PowerDMARC provides full visibility into activities within your account, helping you proactively monitor and manage changes to your email security configurations. Whether you're a Main Admin or Sub Admin, knowing how to access and interpret these logs is essential to maintaining operational security and ensuring internal accountability.
Need help navigating your logs? Our support team is always ready to assist!