Business and Enterprise admins can monitor activity and view data about their Box accounts and the content owned by their accounts by generating reports in the Admin Console. Reports can be generated on-demand for any specified time period and these reports can go back as far as 7 years, or as long as you have an account tariff with reporting access.
 

 
Both admins and co-admins can run and filter reports, depending on permission settings:
  • The primary admin can run reports and filter by any group or managed user.
  • Any co-admin who has permission to Run new reports and access existing reports (marked in orange below) can run the usage logs that are date bound (without selecting a user or group).
  • A co-admin who has permission to Run new reports and access existing reports (marked in orange below) and permission to Manage groups (marked in green below) can run a usage log by groups. 
  • A co-admin who has reporting permissions and has Shared contacts checked on (marked in blue below) can run a usage log by user. 

reports - 1

 

To run reports:
From the Admin Console, in the lefthand navigation, click Reports.
Running Reports - Reports link.png
From the Reports screen you can run the following reports:
 

User Activity

User Activity reports provide an overview of the actions your users are taking in Box. Use this report to view all the actions made by your users within a given time period. You can select a Group or Managed User to filter by. Then you can filter by action type using the dropdown below the header. If you choose to export this report, a new folder will be created in your Box Reports folder containing a .csv file. This folder description in the right hand sidebar will contain information about your report. It may take some time for the .csv file to appear. While your report is exporting, the Status field in the folder description will read In Progress. Once your report has been exported, the status changes to Complete
 
Below is a list of actions you can filter by, and a description of each action. 
 
Application
Added public key to application
 Added a public key used to authenticate a custom app
Deleted public key from application
 Removed a public key used to authenticate a custom app
 
Automations
Created Automation
User added a new Automation process in the Admin Console. 
Deleted Automation
User deleted an existing Automation process in the Admin Console. 
Edited Automation
User edited an existing Automation process in the Admin Console. 
 
Collaboration
Accepted invite
User accepted an invitation to join a shared folder as a collaborator. This action is the same whether the user chose to auto-accept invitations or not. 
Changed user or group role
User has modified either his own or a collaborator's role (access level) in a shared folder. 
Extend collaborator expiration
User has extended the expiration date of another user's collaboration privileges.
Removed Collaborator
User removed a collaborator from a shared folder
Invited collaborator
User added a collaborator to a shared folder
Rejected invite
User rejected an invitation to join a shared folder as a collaborator.
Collaboration expired
User was removed from a shared folder after the collaboration expiration date (set by folder owner or enterprise admin) lapsed.
 
Comments
Created Comment
User added a comment on a file.
Edited Comment
User edited an existing comment on a file.
Deleted Comment
User deleted an existing comment on a file. 
Created Annotation
User created an annotation on a file.
Deleted Annotation
User deleted an annotation on a file.
Edited Annotation
User edited an annotation on a file. 
 
File Management
Copied
User created a copy of a file.
Moved to trash
User moved a file to the trash. File can be recovered for 30 days after date of deletion.
Downloaded
User downloaded a file.
Edit
User made changes or saved a new version of a file.
Locked
User locked a file, restricting access.
Moved
User moved a file to a new location in Box.
Previewed
User previewed a file in Box.
Renamed
User renamed a file.
Set file auto-delete
User set a file to delete automatically on a certain date. 
Restored from trash
User restored a deleted file from the trash.
Unlocked
User unlocked a file, permitting access.
Uploaded
User uploaded a file.
File version restored
User restored a previous version of a file.
File marked malicious
User marked a file as malicious.
Applied watermark
User added a watermark to a file. Watermark will display the current viewer's email address or IP address, as well as time of access across the document's contents
Removed watermark
User removed the watermark from a watermarked file.
Synced folder
User synced a folder to his/her desktop.
Un-synced folder
User un-synced a folder from his/her desktop.
 
Groups
Added to group
User added another user to an existing group.
Created new group
User created a new group.
Deleted group
User deleted an existing group.
Edited group
User edited a group in any way, including adding another user to the group. 
Created Group Admin
Admin or Co-Admin appointed a group admin. 
Updated Group Admin Permissions
Admin or Co-Admin modified group admin permissions.
Deleted Group Admin
Admin or Co-Admin removed a group admin designation. 
Item removed from group
User removed a group's access to a specific file or folder. 
Granted folder access
User granted a group access to a specific folder. 
Removed from group
User removed another user from an existing group. 
 
Legal Holds
Opened legal hold case
User created a legal hold policy in the Policies tab of the Admin Console. 
Edited legal hold case
User edited an existing legal hold policy.
Closed legal hold case
User closed a legal hold policy. 
Created legal hold assignment
User assigned another user as a custodian in a legal hold policy. A custodian is a user who may have had access to the content affected by this legal hold. 
Removed legal hold assignment
User removed another user as a custodian in a legal hold policy. A custodian is a user who may have had access to the content affected by this legal hold.
 
Login
Admin Login
 User with Admin privaleges logged into the account of one of his/her managed users
Added Device Association
Admin pinned the Box application to a user's mobile device. You can view all devices pinned by users under the App Use Management tab of Admin Settings.
Terms of service agreed
User agreed to the Box Terms of Service upon initial login. 
Failed login
User failed to login. User may have input an incorrect password. 
Login
User successfully logged into Box via any endpoint (Web application, mobile apps, Box APIs, etc). 
Terms of service reject
User rejected the Box Terms of Service upon initial login. 
Add login app
User or Admin enabled device pinning, then User logged in.
Removed login activity application
User logged out of a device that he/she logged into previously
Removed Device Association
Admin removed a user's device association. You can view all devices pinned by users under the App Use Management tab of Admin Settings.
Login Verification enabled
User enabled two-step verification for his/her account in account settings.
Login verification disabled
User disabled two-step verification for his/her account in account settings. 
Failed Device Trust Check
User failed a device trust requirement set by enterprise administrator. 
 
Metadata
Added template
Created a new metadata template in the Admin Console.
Removed template
Removed an existing metadata template in the Admin Console.
Edited Attributes
User edited an existing metadata template, adding, removing, or editing attributes.
 
Policies
Violated share policy
User violated a sharing policy, set by enterprise administrator. User may have shared files with an unsecured or restricted web address. 
Unusual download activity
User has downloaded files at a rate that exceeds a download policy set by the enterprise administrator.
Violated upload policy
User uploaded a document containing restricted information as defined by an upload policy set by the enterprise administrator. 
Retention policy changed
User modifed a retention policy. Retention policies do not trigger the event "Created Policy".
Retention policy applied
User created a retention policy. Retention policies do not trigger the event "Created Policy". 
Restored quarantined file
User has restored a file that had been moved to a quarantine folder as a result of a policy set by the enterprise administrator. 
Created Policy
User created a security policy in the Admin Console. 
Deleted Policy
User deleted an existing security policy in the Admin Console. Applies to all policies except retention policies, which can only be retired. 
Edited Policy
User edited an existing policy in the Admin Console. 
Retired Policy
User retired an existing policy in the Admin Console. Applies only to retention policies, which cannot be deleted. 
 
Shared Links
Item Shared
User created a shared link to a file or folder.
Item Share Updated
User updated the shared link settings for an existing shared link to a file or folder.
Extend shared link expiration
User extended a shared link's expiration date.
Set shared link expiration
User set an expiration date for a shared link. After this date, the link will no longer be valid. 
Disabled shared link
User disabled an existing shared link. 
 
Tasks
Assigned a task
User assigned another user a task.
Updated a task assignment
User modified a previously assigned task.
Created a task
User created a task. This does not mean that the task was assigned to anyone. 
 
Users
Created new user
User created another user in your Box account using the Admin Console.
Changed admin role
User changed an admin's privileges, either making a user an admin or removing a user as an admin. 
Changed primary email
User changed his/her primary email address.
Deleted user
User deleted another user in your Box account using the Admin Console. 
Edited user
User modified another user's information using the Admin Console. 
 
Invited user to enterprise
User invited someone outside your enterprise to join your enterprise Box account. 
Rejected enterprise invite
User rejected an invitation to join your enterprise Box account.
Removed secondary email
User removed his/her secondary email address.
Accepted enterprise invite
User accepted an invitation to join your enterprise Box account.
Added secondary email
User added a secondary email address. 
 
Notes: 
  • Actions taken by External Users will be included within a User Acitvity Report if the report is run on the entire Enterprise.
  • If the date range is within last year, it is usually faster to run the report in Box rather than exporting it.
  • If your date range is greater than 1 year, you must export the report. The run button will be disabled. 
  • User actions may be delayed by up to 15 minutes before appearing in exported .csv reports. User actions may be delayed by up to 1 minute when viewing the report in default user interface.
  • A "user" with the name Box Admin Reports will display as a newly-created user the first time an Admin runs a report. 
 

User Statistics

A User Statistics report gives you a breakdown of your managed users, groups, and external users, showing how many actions they have made in Box over a given period of time. When you export this report, a new folder will be created in your Box Reports folder containing a .csv file. This folder description in the right hand sidebar will contain information about your report. It may take some time for the .csv file to appear. While your report is exporting, the Status field in the folder description will read In Progress. Once your report has been exported, it will change to Complete
 
Run a User Statistics report to determine how many times a specific user or group has:
  • logged in
  • used incorrect log in credentials
  • uploaded a file
  • downloaded a file
  • previewed a file
  • edited a file 
  • deleted a file
Note: you may see an "Anonymous" user on the User Statistics report which shows when anyone who wasn't logged into Box took an action on action on a Box item. This can occur for various reasons:
  • Shared Links: Users do not need to be logged into Box to access a shared link. Thus you may see previews, uploads, and downloads by "Anonymous". This typically relates to shared link activity. 
  • Upload Embed Widget and Email Upload: Users do not need to be logged into Box to upload via these options. Thus, you may see "Anonymous" making many uploads. 
  • Embed Widget: Users do not need to be logged into Box to preview an embed widget on a website. Thus, you may see "Anonymous" previews. 
  • API integration: you may see other "Anonymous" actions if you have an API integration that performs actions in your account. 
  • If you are curious for more details around an "Anonymous" action, run a User Activity Report for that action type and select the same date range. 

Security Logs

Your Security Logs keep track of all changes made to settings in your Admin Console. Run a Security Logs report to see what settings have been changed within a given time period, and who made said changes. This report can be useful for monitoring the actions of a Co-Admin or multiple administrators, as well as keeping track of your enterprise settings.
 

Folders and Files

The Folders and Files report lists all the content in your Box account, 
 
A Folders and Files report contains the following information for each file and folder in your account: 
  • Owner Name
  • Owner Login
  • Path (file path in Box)
  • Path ID (item ID of each item in file path)
  • Item Name
  • Item ID (unique ID number assigned to each file)
  • Item Type (folder/file)
  • Size
  • Created
  • Last Modified
  • Uploaded

Note: There is a 10 million item limit on this report. If an organization has greater than 10 million items, the report will not run. 

 

Collaborations

The Collaborations report lists all collaboration invites sent to users both in and outside of your enterprise within a given time period. In this case, the "Owner Name" is the name of the user who sent the invitation, and the "Collaborator Name" is the name of the user invited.
 
A Collaborations report contains the following information for each collaboration invitation: 
  • Owner Name 
  • Owner Login
  • Path (file path in Box)
  • Path IDs (item IDs of each item in file path)
  • Item Name
  • Item ID (unique ID number assigned to each file and folder)
  • Item Type (folder/file)
  • Collaborator Name
  • Collaborator Login
  • Collaborator Type (managed or external)
  • Collaborator Permission
  • Inviter Email
  • Invited Date
  • Invite Accepted Date
 

Shared Links

The Shared Links report lists all active shared links created for files or folders in your Box account. This report is useful when you want to see what content in your enterprise has been shared. 
 
A Shared Links report contains the following information for each shared link:
  • Owner Login (user who owns the file or folder associated with the shared link)
  • Folder/File ID  (unique ID number assigned to each file and folder)
  • Folder/File Name
  • Path (file path in Box)
  • Shared Link Status (who can access the item via the shared link)
  • Shared Link (actual shared link URL)
  • Custom URL (if no custom URL has been set, field will remain blank)
  • Password
  • Expiration
  • Permissions
 

Outbound Collaboration

The Outbound Collaboration report lists all of your managed users who are listed as collaborators in content owned outside of your box account. If a managed user is a collaborator in more than one folder, he/she will be listed multiple times, once for each folder.
 
An Outbound Collaboration report contains the following information for each external collaboration:
  • Account Name (name of external user)
  • Account Login (email of external user)
  • Owner Login (managed user who invited external user)
  • Item Name (folder in which external user is a collaborator)
  • Item ID (unique ID number assigned to folder)
  • Permission Level (access level of external user)
  • Inviter Email
  • Invited Date
  • Invite Accepted Date

 

Legal Holds

A Legal Hold report will export a list of all the files currently being held by an active legal hold. Hover over the legal hold that you would like to run a report on, then click Report to run the report. 
 
A Legal Hold report contains the following information for each file held by the legal hold:
  • Assignment Type
  • Assignment ID
  • Parent Folder
  • Parent Folder ID
  • File Name
  • File ID
  • File Version ID
  • Creation Date
  • Uploaded Date

 

Platform Activity

The Platform Activity report helps you monitor your organization’s consumption of platform resources. 

 

The Platform Activity report displays the total number of API calls (that is, platform resource usage), by day, from all services (Box applications, third-party integrations and custom applications) for an enterprise.  An API call is a request made by an API key registered with an enterprise instance of Box to Box's servers using Box's public API endpoints as documented on developer.box.com.  For example, if information about a file is requested to display in a company intranet application, the application "calls" the Box API to request information about the file to display.  The Box first-party applications also use the Box API, so API call information from those applications are included in this report.

 

Data is available for any day after April 1, 2018. For example, on May 19th, a report would

display the total number of API calls by day for April 1st through May 19th. 

 

Future versions of this report will display additional resource consumption and past consumption data.

Version history
Revision #:
31 of 31
Last update:
Wednesday
Updated by:
 
Labels (1)