Backupify/Datto SaaS Protection: How do I interpret the System Events reporting?



How do I interpret the System Events reporting in Backupify/Datto SaaS Protection 2.0?


  • Backupify/Datto SaaS Protection 2.0


1.  From the Status page, click Admin on the top menu, then select Reporting.  

o365_select_reporting.pngFigure 1: Backupify/Datto SaaS Protection Status page (click to enlarge)

2.  Select the System Events options and Download CSV.  

o365_reporting_options.pngFigure 2: System Events (click to enlarge)

3.  The resulting spreadsheet contains several columns relating to system audit data:

Figure 3: The System Audit spreadsheet (click to enlarge)

EventClass: This will always be System.

EventType: The type of job performed. Possible outcomes are:

  • Backup
  • Restore
  • Export

Timestamp: The time and date of the activity performed. Times are in UTC.

SuccessStatus: This shows the overall success or failure of the EventType. Possible outcomes are:

  • Success
  • Failure

Success indicates that the job (either a restore, export, or backup) was successful even if individual items failed. Failure indicates that the job (either a restore, export or backup) did not complete due to an error. For more information on errors, see the FailureReason column.

ServiceId: the ID associated with the user or service on which the activity was performed. Provide this ID to Support whenever possible in order to quickly and accurately isolate any issues.

UserEmail: The primary email address of the user or site account on which the activity was performed.

UserName: The display name of the user or site account on which the activity was performed.

ItemSuccessCount: The number of items that were successfully captured, restored, or exported.

ItemFailure Count: The number of items that failed to be captured, restored, or exported.

ApplicationType: This is the application type affected by the action. Possible outcomes:

  • Office365SharePoint
  • Office365Exchange
  • Office365OneDrive
  • GoogleMail
  • GoogleCalendar
  • GoogleContacts
  • GoogleDrive

Snapshot: This is the internal snapshot ID associated with the action. This can be provided to Datto SaaS Protection Support to further isolate any issues (only applies to restores/exports).

RetrievalType: The criteria used to select data to restore or export. If data is based on search, see the SearchTerms column for the explicit search term (only applies to restores and exports). Possible outcomes:

  • Single User Search
  • Customer-Wide Search
  • Entire User
  • Multi-User Search

SearchTerms: The search term used to initiate a restore/export/retrieval.

TargetServiceID: The ID associated with the user/service the restore was pointed to. Provide this ID to Datto SaaS Protection Support whenever possible to quickly and accurately isolate any issues (only applies to restores).

TargetUserEmail: The primary email address of the user/site account to which the restore was pointed (only applies to restores).

TargetUserName: The display name of the user/site to which the restore was pointed (only applies to restores).

SelectedItemCount: The number of items selected for Restore/Export actions (only applies to restores/exports).

FailureReason: In the event that the SuccessStatus is failure, this column will include specific error code information detailing the cause of the failure. These are typically unactionable and included for informational purposes.

IncludePermissions: (GSuite/Google Drive Only) This column indicates whether permissions are elected to be restored. Possible outcomes:

  • True
  • False

If True, permissions were restored, if False, permissions were removed.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Datto Community Forum or the Datto Community Online.

For more Business Management resources, see the Datto RMM Online Help and the Autotask PSA Online Help .

Still have questions? Get live help.

Datto Homepage