automation-cloud
latest
false
- Getting started
- Data security and compliance
- Organizations
- Authentication and security
- Licensing
- About licensing
- Unified Pricing: Licensing plan framework
- Flex: Licensing plan framework
- Activating your Enterprise license
- Upgrading and downgrading licenses
- Requesting a service trial
- Assigning licenses to tenants
- Assigning user licenses
- Deallocating user licenses
- Monitoring license allocation
- License overallocation
- Licensing notifications
- User license management
- Tenants and services
- Accounts and roles
- Testing in your organization
- AI Trust Layer
- External applications
- Notifications
- Logging
- About logs
- Exporting logs
- Troubleshooting
- Migrating to Automation Cloud
Automation Cloud admin guide
Last updated Dec 17, 2025
This feature is only available if you are on the
Enterprise licensing plan.
The Unified logging experience allows you to export
logs from Automation CloudTM in CSV format using one
of the following methods:
- Export option in the user interface: From the Audit logs section of your organization or tenant, select Export.
- Audit Logs APIs: Use the Audit logs APIs.
- UiPath custom script: Run a UiPath-developed script to export logs from UiPath's long term audit log store.
For long-term retention or compliance purposes, both the unified and classic logging experience allow you to configure robot log exports to automatically send data from Orchestrator to Azure Blob Storage, AWS S3, or Google Cloud Storage, where log files are generated hourly and can be processed using your own BI or monitoring solutions.
If you are using the unified logging experience, you can use a dedicated script, to export audit logs that are no longer available through the Audit Logs interface. The script supports retrieving logs up to 2 years in the past.
This script is useful when:
-
You need access to older audit logs for compliance or investigation purposes.
-
You want to automate long-term log archival.
Prerequisites
- Copy the following script into a
.shfile of your own:appId=$1 appSecret=$2 organizatioNameOrId=$3 fromDate=$4 toDate=$5 mode=${6:-s} cloud=${7:-cloud} if [[ $# -lt 5 ]]; then echo "Error: Not all required input parameters provided." echo "Usage: $0 <appId> <appSecret> <organizatioNameOrId> <fromDate> <toDate> <mode>(optional: v for verbose, s for silent)" exit 1 fi # Validate "fromDate" date format (MM/DD/YYYY) if ! date -d "$fromDate" &>/dev/null; then echo "Error: Invalid date format for 'fromDate'. Please use MM/DD/YYYY format." exit 1 fi # Validate "to" date format (MM/DD/YYYY) if ! date -d "$toDate" &>/dev/null; then echo "Error: Invalid date format for 'toDate'. Please use MM/DD/YYYY format." exit 1 fi echo $(date +"%Y-%m-%d %H:%M:%S.%3N") "Start Getting UiPath Token." response=$(curl --data-urlencode -X POST "https://${cloud}.uipath.com/${organizationNameOrId}/identity_/connect/token" -$mode \ -d "grant_type=client_credentials" \ -d "scope=PM.Audit.Read" \ -d "client_id=$appId" \ -d "client_secret=$appSecret" \ -H "Content-Type: application/x-www-form-urlencoded") access_token=$(echo "$response" | jq -r '.access_token') if [[ "$access_token" == null ]]; then echo "Error: Access token is null or empty in the response. Please verify the appId and appSecret." exit 1 fi base_dir=$(date +"%Y-%m-%d%H:%M:%S.%3N") echo $base_dir "Start Downloading UiPath Platform Audit logs." # Define the base URL base_url="https://${cloud}.uipath.com/${organizatioNameOrId}/orgaudit_/api/query/downloadeventsfromlongtermstore" mkdir -p $base_dir # Iterate through time intervals current_date=$(date -u -d "$fromDate" +"%Y-%m-%dT%H:%M:%SZ") seconds_in_a_day=$((24*60*60)) while [ "$(date -d "$current_date" +%s)" -le "$(date -d "$toDate" +%s)" ]; do next_date=$(date -u -d "$current_date + $(($seconds_in_a_day-1)) seconds" +"%Y-%m-%dT%H:%M:%SZ") # Construct the full URL with the current time interval formatted_current_date=$(date -u -d "$current_date" +"%Y-%m-%dT%H:%M:%SZ" | sed 's/\//%2F/g') formatted_current_date="${current_date}" formatted_next_date=$next_date | sed 's/\//%2F/g' formatted_next_date="${next_date}" full_url="$base_url?from=$formatted_current_date&to=$formatted_next_date" echo $full_url echo "Downloading UiPath Audit Log from $current_date to $next_date" curl -X GET "$full_url" -$mode \ -H "Authorization: Bearer $access_token" \ -o "${base_dir}/${current_date////-}_to_${next_date////-}.zip" # Save the response to a file # Move to the next time interval current_date=$next_date one=1 current_date=$(date -u -d "$current_date + $one seconds" +"%Y-%m-%dT%H:%M:%SZ") done for zip_file in "$base_dir"/*.zip; do zip_file_name="$(basename "$zip_file")" unzip -q "$zip_file" -d "$base_dir/auditlogs/" echo "Extracted ${zip_file_name%.*}" rm "$zip_file" done shopt -s nullglob for zip_file in "$base_dir/auditlogs"/*.zip; do zip_file_name="$(basename "$zip_file")" unzip -q "$zip_file" -d "$base_dir/auditlogs/${zip_file_name%.*}" for data_file in "$base_dir/auditlogs"/${zip_file_name%.*}/*.txt; do data_file_name="$(basename "$data_file")" mv "$data_file" "$base_dir/auditlogs/${data_file_name%.*}_${zip_file_name%.*}.txt" rm -r "$base_dir/auditlogs/${zip_file_name%.*}" done rm "$zip_file" done shopt -u nullglob echo $(date +"%Y-%m-%d %H:%M:%S.%3N") "Downloaded UiPath Platform Audit logs and saved them according to UTC date"appId=$1 appSecret=$2 organizatioNameOrId=$3 fromDate=$4 toDate=$5 mode=${6:-s} cloud=${7:-cloud} if [[ $# -lt 5 ]]; then echo "Error: Not all required input parameters provided." echo "Usage: $0 <appId> <appSecret> <organizatioNameOrId> <fromDate> <toDate> <mode>(optional: v for verbose, s for silent)" exit 1 fi # Validate "fromDate" date format (MM/DD/YYYY) if ! date -d "$fromDate" &>/dev/null; then echo "Error: Invalid date format for 'fromDate'. Please use MM/DD/YYYY format." exit 1 fi # Validate "to" date format (MM/DD/YYYY) if ! date -d "$toDate" &>/dev/null; then echo "Error: Invalid date format for 'toDate'. Please use MM/DD/YYYY format." exit 1 fi echo $(date +"%Y-%m-%d %H:%M:%S.%3N") "Start Getting UiPath Token." response=$(curl --data-urlencode -X POST "https://${cloud}.uipath.com/${organizationNameOrId}/identity_/connect/token" -$mode \ -d "grant_type=client_credentials" \ -d "scope=PM.Audit.Read" \ -d "client_id=$appId" \ -d "client_secret=$appSecret" \ -H "Content-Type: application/x-www-form-urlencoded") access_token=$(echo "$response" | jq -r '.access_token') if [[ "$access_token" == null ]]; then echo "Error: Access token is null or empty in the response. Please verify the appId and appSecret." exit 1 fi base_dir=$(date +"%Y-%m-%d%H:%M:%S.%3N") echo $base_dir "Start Downloading UiPath Platform Audit logs." # Define the base URL base_url="https://${cloud}.uipath.com/${organizatioNameOrId}/orgaudit_/api/query/downloadeventsfromlongtermstore" mkdir -p $base_dir # Iterate through time intervals current_date=$(date -u -d "$fromDate" +"%Y-%m-%dT%H:%M:%SZ") seconds_in_a_day=$((24*60*60)) while [ "$(date -d "$current_date" +%s)" -le "$(date -d "$toDate" +%s)" ]; do next_date=$(date -u -d "$current_date + $(($seconds_in_a_day-1)) seconds" +"%Y-%m-%dT%H:%M:%SZ") # Construct the full URL with the current time interval formatted_current_date=$(date -u -d "$current_date" +"%Y-%m-%dT%H:%M:%SZ" | sed 's/\//%2F/g') formatted_current_date="${current_date}" formatted_next_date=$next_date | sed 's/\//%2F/g' formatted_next_date="${next_date}" full_url="$base_url?from=$formatted_current_date&to=$formatted_next_date" echo $full_url echo "Downloading UiPath Audit Log from $current_date to $next_date" curl -X GET "$full_url" -$mode \ -H "Authorization: Bearer $access_token" \ -o "${base_dir}/${current_date////-}_to_${next_date////-}.zip" # Save the response to a file # Move to the next time interval current_date=$next_date one=1 current_date=$(date -u -d "$current_date + $one seconds" +"%Y-%m-%dT%H:%M:%SZ") done for zip_file in "$base_dir"/*.zip; do zip_file_name="$(basename "$zip_file")" unzip -q "$zip_file" -d "$base_dir/auditlogs/" echo "Extracted ${zip_file_name%.*}" rm "$zip_file" done shopt -s nullglob for zip_file in "$base_dir/auditlogs"/*.zip; do zip_file_name="$(basename "$zip_file")" unzip -q "$zip_file" -d "$base_dir/auditlogs/${zip_file_name%.*}" for data_file in "$base_dir/auditlogs"/${zip_file_name%.*}/*.txt; do data_file_name="$(basename "$data_file")" mv "$data_file" "$base_dir/auditlogs/${data_file_name%.*}_${zip_file_name%.*}.txt" rm -r "$base_dir/auditlogs/${zip_file_name%.*}" done rm "$zip_file" done shopt -u nullglob echo $(date +"%Y-%m-%d %H:%M:%S.%3N") "Downloaded UiPath Platform Audit logs and saved them according to UTC date" - Run the script in a WSL (Windows
Subsystem for Linux) environment and ensure the following tools are
installed:
sudo apt install dos2unix unzip jqsudo apt install dos2unix unzip jq - Prepare the script for execution
using the following
commands:
dos2unix <script-name>.sh chmod +x <script-name>.shdos2unix <script-name>.sh chmod +x <script-name>.sh -
Create a confidential external application in your tenant and assign the following API scope:
PM.Audit.Read(application). -
Collect the following application credentials:
-
Application ID (
client_id) -
Application secret (
client_secret)
-
Steps
- Set the required variables in
your
terminal:
client_id='<your-client-id>' client_secret='<your-client-secret>' org_name='<your-org-name>' start_date='MM/DD/YYYY' end_date='MM/DD/YYYY'client_id='<your-client-id>' client_secret='<your-client-secret>' org_name='<your-org-name>' start_date='MM/DD/YYYY' end_date='MM/DD/YYYY' - Run the script using the
following command:
./<script-name>.sh $client_id $client_secret $org_name $start_date $end_date.For example:
client_id='<clientId>' client_secret='<clientsecret>' org_name='test_org' start_date='09/01/2025' end_date='10/01/2025' ./<script-name>.sh $client_id $client_secret $org_name $start_date $end_date vclient_id='<clientId>' client_secret='<clientsecret>' org_name='test_org' start_date='09/01/2025' end_date='10/01/2025' ./<script-name>.sh $client_id $client_secret $org_name $start_date $end_date v
To export Robot logs generated in your Orchestrator services to Azure, AWS S3, and Google Cloud Storage, follow the specific
procedures described further. Logs are saved in a
.csv file in the uipathrobotlogs container. The export is done on a per-tenant basis which facilitates the following:
- Storing logs that must be retained for compliance and audit purposes.
-
Analyzing and visualizing log output in your own reporting or BI tools.
Note: When configuring the log export page, we do not support backfilling of 30 days worth of logs.
Azure
Tip: You can configure static IPs to the allowlist and not open your network
to all external IPs. Go to in Azure Blob Storage to add the static IPs. Check the Configuring the
firewall page for the full list of IPs.
The following storage options are supported:
For more information on types of storage, check the Storage account overview page from the
official Azure documentation.
- Standard locally-reduntant storage (LRS)
- Standard geo-redundant storage (GRS)
- Standard read-access geo-redundant storage (RA-GRS)
- Standard zone-redundant storage (ZRS)
- Premium LRS
AWS S3
Tip: You can configure static IPs to the allowlist and
not open your network to all external IPs. Use access policies in AWS S3 to add deny
all requests unless it is from the
aws:SourceIp list as described
in the Bucket policies for Amazon S3 page from
the AWS S3 user guide. Check the Configuring the
firewall page from the Automation Cloud admin guide for the full list of
IPs.
Google Cloud Storage
- Expand the tenant you want to delete log export settings for.
- For the Orchestrator service in that tenant, select Log Export Configuration. The Configuration right-hand panel is displayed.
- Disable the Send robot logs to custom storage toggle.
- On the Delete Configuration window, select Delete to confirm. The configuration is successfully deleted.
