Audit Trail Export Dashboard
Audit Trail Export Dashboard is the Setup-area report that lets admins download a CSV of the Setup Audit Trail (every configuration change made by users with Modify All Data or higher permissions) over a date range, then visualize the export as a dashboard.
Definition
Audit Trail Export Dashboard is the Setup-area report that lets admins download a CSV of the Setup Audit Trail (every configuration change made by users with Modify All Data or higher permissions) over a date range, then visualize the export as a dashboard. The dashboard exists because the Setup Audit Trail UI alone is hard to analyze: it shows 20 entries at a time, has no filtering by user or by entity type, and retains data for only 180 days online (six months) before older entries become archived and require export to access.
The dashboard pattern lives on the standard SetupAuditTrail object. Admins export the audit log via the Download button under Setup, Setup Audit Trail, then load it into a CRM Analytics dataset, an external BI tool, or a custom Salesforce dashboard built on imported data. The point is to track who changed what and when across the year, especially for compliance audits, security reviews, and post-incident change forensics. Without the dashboard, the data exists but is unusable at scale.
How the Audit Trail Export Dashboard turns raw setup-change logs into compliance evidence
What Setup Audit Trail captures and what it does not
Setup Audit Trail records every change to setup-area metadata: profile edits, permission set assignments, validation rule changes, flow activations, custom object schema changes, sharing rule updates, and administrative user actions. It does not record data changes (a record being edited by a user), record-level access events, or login activity; those live in separate logs (field history tracking, login history, event monitoring). For data-change audits, combine Setup Audit Trail with Field History Tracking and the Login History reports.
The 180-day online retention and the export problem
Salesforce retains Setup Audit Trail entries online for 180 days. After 180 days, the entries become archived; they still exist and can be retrieved, but the UI no longer shows them by default. The official workaround is to download a CSV via Setup before entries roll off, then import into a long-term store. Most regulated industries (financial services, healthcare) require multi-year retention, so the export is not optional. Automate the export via Tooling API or a scheduled Apex script if compliance requires it.
Loading the export into a dashboard
Three common patterns. CRM Analytics dataset: import the CSV into Analytics Studio, build a dashboard with grouping by action, by user, by section. Custom object with Apex import: build a SetupAuditTrailExport__c custom object, write an Apex class that parses the CSV and inserts rows, then build standard reports and dashboards on top. External BI: load the CSV into Snowflake or BigQuery and dashboard from Tableau. Each path has tradeoffs around licensing, refresh cadence, and how easy it is to give compliance auditors direct access.
Anomaly detection and unusual-change flags
The high-value reports highlight unusual patterns. Sudden bursts of profile edits at unusual hours. Permission set assignments outside the normal access-request workflow. Validation rule deletions or deactivations (an attack vector for bypassing data quality controls). Sharing rule changes. Build a dashboard component that surfaces these patterns and route the alerts to security operations. Without anomaly detection, the export is post-hoc evidence; with it, the export becomes a real-time control.
Linking changes to Change Requests
Mature orgs link every Setup Audit Trail entry to a Change Request ID. The pattern is: every admin records a CR number in the Description column of any setup edit (Salesforce supports a free-form description field on most edits). The export then joins back to the ticketing system (Jira, ServiceNow) for full traceability. CRs without matching audit entries indicate work that bypassed the change process. Audit entries without matching CRs indicate emergency changes or shadow work that needs review.
The 20-row UI versus the full API
The Setup Audit Trail UI shows 20 entries at a time with no filtering. The Tooling API exposes the full data via SOQL on SetupAuditTrail object, with filtering and pagination. For any non-trivial audit, query the Tooling API rather than scrolling the UI. The standard SOQL syntax works: SELECT Id, Action, Section, CreatedBy.Name, CreatedDate FROM SetupAuditTrail WHERE CreatedDate >= LAST_N_DAYS:30 ORDER BY CreatedDate DESC. Wrap in a scheduled Apex export job for automated retention.
Common compliance use cases
SOX audits, HIPAA reviews, PCI-DSS quarterly assessments, ISO 27001 evidence packages, and FedRAMP continuous monitoring all consume Setup Audit Trail exports. Each framework has slightly different requirements but the underlying data is the same. Build one canonical dashboard with filters by date range, user, and action category; export filtered views per audit framework rather than maintaining separate dashboards.
Building and operating an Audit Trail Export Dashboard
The pattern has three parts: schedule the export, load the data into a queryable store, and build the dashboard. Each step has multiple implementation options; pick based on your compliance team''s requirements and the org''s tooling.
- Schedule the Setup Audit Trail export
Setup, Setup Audit Trail, Download Setup Audit Trail. Manual is fine for monthly audits; for daily exports build a scheduled Apex job that queries SetupAuditTrail via Tooling API and writes to a custom object or external system. Keep the cadence below the 180-day retention window.
- Pick the storage destination
Three options. Custom object inside Salesforce (simple, but adds storage cost). CRM Analytics dataset (better visualization, requires Analytics license). External data warehouse (most flexible, requires ETL setup). For most mid-size orgs, the custom object pattern is the fastest path.
- Build the import pipeline
Apex job that reads the CSV (or queries the Tooling API directly), parses each row, and inserts into the destination. Handle the date format, the Section enum, and the Display description text. Deduplicate on (CreatedDate, CreatedBy, Action) to avoid double-loading on retries.
- Build the dashboard components
Group by Action Category (Profile, Permission Set, Sharing Rule, Flow). Group by user with a top-10 chart. Show daily volume with a trend line. Add anomaly flags: high-risk actions like Delete Profile or Deactivate Validation Rule highlighted in red.
- Wire up alerts
Process-builder, flow, or scheduled Apex that scans new audit entries and fires Custom Notifications on high-risk actions. Route alerts to a security distribution list or a Slack channel via Slack Connector.
Custom object, CRM Analytics, or external data warehouse. Each trades cost, flexibility, and refresh cadence differently.
Manual monthly, scheduled daily, or near-real-time via Change Data Capture. Daily is the sweet spot for most compliance regimes; real-time is overkill for most orgs.
Salesforce retains online entries for 180 days. Storage destination retention is your call; most regulated industries require 3 to 7 years.
Email, Slack, ServiceNow ticket, or PagerDuty. Pick based on the security team''s existing operational tooling.
- Setup Audit Trail does not capture data changes, only setup-area metadata changes. Combine with Field History Tracking and Event Monitoring for full coverage.
- 180-day online retention means entries silently roll off if you do not export. Schedule the export well within that window.
- The UI shows 20 entries at a time with no filtering. Use the Tooling API or the CSV export for any audit beyond casual browsing.
- Setup Audit Trail records who initiated a change but not the before-and-after values for every change type. For full field-level history, use Field History Tracking on the changed metadata.
- The CSV export is generated on-demand and can take several minutes for orgs with high change volume. Avoid clicking Download repeatedly; the second click queues a second export.
Trust & references
Cross-checked against the following references.
- Monitor Setup Changes with Setup Audit TrailSalesforce Help
- SetupAuditTrail Tooling API ObjectSalesforce Developer Docs
Straight from the source - Salesforce's reference material on Audit Trail Export Dashboard.
- View Setup Audit Trail HistorySalesforce Help
- Event Monitoring OverviewSalesforce Help
Hands-on resources to go deeper on Audit Trail Export Dashboard.
About the Author
Dipojjal Chakrabarti is a B2C Solution Architect with 29 Salesforce certifications and over 13 years in the Salesforce ecosystem. He runs salesforcedictionary.com to help admins, developers, architects, and cert/interview candidates sharpen their fundamentals. More about Dipojjal.
Test your knowledge
Q1. Can a Salesforce admin configure Audit Trail Export Dashboard without writing code?
Q2. In which area of Salesforce would you typically find Audit Trail Export Dashboard?
Q3. Why is understanding Audit Trail Export Dashboard important for Salesforce admins?
Discussion
Loading discussion…