Audit Logs Location

Veeam Backup & Replication provides logging of performed activities, such as data protection and disaster recovery tasks: for example, the list of files restored during File-Level Restore sessions. The results of the audit of such activities are stored in form of .csv files that are called audit logs. For more information about log files, see Logging.

In Audit Logs Location field, you can specify folder where the audit logs will be stored. By default, log files are stored in the following folder: %ProgramData%\Veeam\Backup\Audit. You can also specify an SMB (CIFS) folder.


Storing audit logs on WORM tapes is not supported. Storing audit logs on WORM storages is supported without log compression. This type of storage prevents the data from being deleted or modified. Thus, raw audit logs cannot be deleted after creating compressed files.

If you use an SMB (CIFS) folder, the service account used for Veeam Backup Service on the machine with Veeam Backup & Replication must have access to that SMB (CIFS) folder. By default, this is the LocalSystem account, so you will need to grant write access to the VBR Server Active Directory computer account.

By default, older audit logs are compressed automatically. To perform this operation, the service account under which Veeam Backup Service runs must have modify permissions on the target folder. If you do not want to compress older audit logs, clear the Compress older audit logs automatically check box.

Audit Logs Location