Home > Storage > PowerScale (Isilon) > Product Documentation > Security and Compliance > Dell PowerScale: Answers to Common Questions about Audit/Syslog > Can PowerScale track the actions taken by users who have root or admin privileges?
The audit log can record most of the activities if the operation is performed using the WebUI or CLI, which in turn are issued as PAPI calls. The operation can be classified into two categories:
The following is a typical entry for the audit log, when viewed by the isi_audit_viewer CLI command:
isi_audit_viewer -t config
isi_audit_viewer -t protocol
Note that both userSID=S-1-22-1-0 and userID=0 indicate that it is the root account. You can use the isi auth users view command to display the detailed account information, using an SID or UID: