Access Monitor Documentation

Overview

Access Monitor is built for support teams that handle tickets where extra visibility matters. Common examples include VIP conversations, billing issues, trust and safety tickets, compliance questions, employee-related requests, and escalations.

The app runs in the Zendesk ticket sidebar. When the sidebar app loads and a configured rule matches, Access Monitor can log the view in Zendesk.

Access Monitor is designed for lightweight ticket view visibility. It is not a complete record of all Zendesk access and is not a replacement for Zendesk native access logs, advanced security features, or compliance-grade audit logging.

What Access Monitor can log

When a monitoring rule matches, Access Monitor can write one or more of the following records in Zendesk:

A short private internal note on the ticket
Zendesk tags, such as access_monitor_logged
A structured entry in the Access Monitor: View Log ticket field

A typical internal note looks like this:

🔐 Access Monitor: ticket view logged by Jane Agent at Jun 16, 2026, 10:15 PM EDT.

Setup

Install Access Monitor from the Zendesk Marketplace.
Open the Access Monitor admin settings in Zendesk.
Confirm the default rule for sensitive tickets is enabled.
Add the tag access_monitor_sensitive to tickets that should be monitored.
Review the logging mode, tags, and duplicate suppression window.
Save settings.
Open a tagged test ticket and confirm that a view is logged as expected.

Start with the default sensitive-ticket rule before enabling broader monitoring. This keeps ticket updates controlled while you confirm the app is working as expected.

Access Monitor: View Log ticket field

Access Monitor adds a custom ticket field named Access Monitor: View Log. This field is used to store structured view log entries inside Zendesk.

A View Log entry may include details such as the viewed time, viewer name, viewer ID, rule name, rule ID, and timestamp. This gives admins a structured record that can be reviewed in Zendesk or used in export workflows.

ASA Labs recommends keeping the Access Monitor: View Log ticket field off agent-facing ticket forms unless agents should see the view log.

Default rules

Sensitive tickets only

Enabled by default. This rule logs views on tickets tagged access_monitor_sensitive. It is the recommended starting point.

Sensitive tickets by selected agent roles

Disabled by default. This rule logs views on sensitive tickets when opened by selected agent roles, such as admins or agents.

Non-assignee views

Disabled by default. This rule logs views when a monitored ticket is opened by someone other than the assigned agent.

All ticket views

Disabled by default. This rule is high volume and should only be enabled if you intentionally want broad ticket view logging.

All ticket views can create a high volume of ticket updates. Use View Log only, increase duplicate suppression, and test carefully before enabling it in production.

Marking sensitive tickets

The default sensitive-ticket rule uses this tag:

access_monitor_sensitive

You can add this tag manually, through Zendesk triggers, automations, macros, or other Zendesk workflows. Once the tag is present, the default sensitive-ticket rule can log matching ticket views.

Duplicate suppression

Duplicate suppression prevents repeated logs from the same viewer on the same ticket within a set time window.

240 minutes is the recommended default.
0 logs every matching view.
Blank, missing, or invalid values default to 240 minutes.

A longer window reduces ticket noise. A shorter window creates a more detailed ticket history, but may add more updates.

Recommended settings

Start with Sensitive tickets only.
Use the tag access_monitor_sensitive for monitored tickets.
Keep duplicate suppression at 240 minutes while testing.
Keep internal notes short so the ticket timeline stays readable.
Keep the Access Monitor: View Log ticket field off agent-facing forms unless agents should see it.
Do not enable All ticket views unless you intentionally want broad monitoring.

Limits and expectations

Access Monitor logs matching ticket views when the Zendesk ticket sidebar app loads and a configured rule matches. It does not guarantee a complete record of every Zendesk access event.

Access Monitor is not tamper proof, not non-redactable, and not a replacement for Zendesk native access logs or advanced security features. It is meant to give teams practical visibility inside normal Zendesk workflows.

Uninstalling

If Access Monitor is uninstalled, it stops logging new ticket views.

Existing internal notes, tags, and values in the Access Monitor: View Log ticket field may remain in Zendesk unless your admins remove them. Review your Zendesk fields, forms, tags, automations, and reporting before uninstalling.

FAQ

Does Access Monitor replace Zendesk access logs?

No. Access Monitor is not a complete record of all Zendesk access and is not a replacement for Zendesk native access logs, advanced security features, or compliance-grade audit logging.

Does Access Monitor log every ticket view?

Only when the Zendesk ticket sidebar app loads and a configured rule matches. By default, Access Monitor logs views on tickets tagged access_monitor_sensitive.

Can agents see the View Log ticket field?

That depends on your Zendesk configuration. ASA Labs recommends keeping the Access Monitor: View Log ticket field off agent-facing ticket forms unless agents should see the view log.

Does ASA Labs store ticket data outside Zendesk?

No. Access Monitor is designed to store ticket view logs and app configuration within your Zendesk instance.

Can I use triggers or automations with Access Monitor?

Yes. You can use Zendesk triggers, automations, macros, and views with the tags and fields written by Access Monitor.

Should I enable All ticket views?

Usually not at first. Start with sensitive-ticket monitoring, test the output, and only enable All ticket views if you intentionally want broad logging.