PlatformSecurity & Privacy
Audit Log
Track and review all significant actions in your workspace.
Audit Log
The Audit Log provides a comprehensive record of all significant actions in your workspace for security monitoring and compliance.
Screenshot needed � add an annotated image showing this UI
What Is the Audit Log?
The audit log records:
- Who performed an action
- What was done
- When it occurred
- Where it originated (IP address)
- How (user agent/device)
Accessing the Audit Log
Navigate to Settings > Data & Privacy > Audit Log.
Audit log access requires Admin or Owner permissions.
Logged Events
9 Event Types
| Event Type | Description | Example |
|---|---|---|
| user.login | User authentication | "john@example.com logged in from 192.168.1.1" |
| user.logout | Session termination | "Session ended for john@example.com" |
| user.invited | Team invitation sent | "Admin invited jane@example.com as Member" |
| user.role_changed | Permission modification | "john@example.com role changed from Member to Admin" |
| record.created | New record created | "Contact 'Acme Corp' created by john@example.com" |
| record.updated | Record modification | "Deal 'Enterprise License' updated by jane@example.com" |
| record.deleted | Record deletion | "Ticket #1234 deleted by admin" |
| settings.changed | Configuration change | "AI provider changed from OpenAI to Moonshot" |
| export.requested | Data export initiated | "GDPR export requested by owner" |
Log Entry Details
Each log entry includes:
| Field | Description |
|---|---|
| Timestamp | When action occurred (UTC) |
| Actor | Who performed the action (user ID, email) |
| Action | Type of action |
| Target | What was affected (record ID, type) |
| IP Address | Source IP (partially masked) |
| User Agent | Browser/device information |
| Changes | Before/after values (for updates) |
| Workspace | Which workspace |
Filtering and Search
Filter Options
| Filter | Description |
|---|---|
| Date Range | Specific time period |
| User | Actions by specific person |
| Event Type | Category of action |
| Resource Type | Contacts, deals, tasks, etc. |
| Resource ID | Specific record |
Search
Full-text search across:
- User emails
- Record names
- Action descriptions
- IP addresses
Retention
Default Retention
Audit logs retained for 2 years.
Exporting Logs
For compliance or analysis:
- Apply desired filters
- Click Export
- Choose format:
- CSV (spreadsheet)
- JSON (machine-readable)
- PDF (human-readable)
- Download
Using the Audit Log
Security Monitoring
Regular checks:
- Failed login attempts
- Unusual access patterns
- Privilege escalations
- After-hours activity
Compliance
Demonstrate:
- Data access controls
- Change tracking
- User accountability
- Policy enforcement
Troubleshooting
Investigate:
- Who made a change
- When data was modified
- What was deleted
- How an error occurred
Alerting
Configure Alerts
Get notified for:
| Event | Alert To |
|---|---|
| Multiple failed logins | Security team |
| Admin role changes | Owner |
| Bulk deletions | Admin |
| Settings changes | Admin |
| Export requests | Compliance officer |
Setting Up
- Go to Settings > Data & Privacy > Audit Alerts
- Add alert rule:
- Event type
- Threshold
- Recipients
- Save
Best Practices
Regular Review
Review audit logs:
- Weekly: Failed login summary
- Monthly: Role change report
- Quarterly: Full access review
Incident Response
If suspicious activity:
- Filter logs for timeframe
- Identify affected records
- Check user access patterns
- Take corrective action
- Document findings
Compliance
For audits:
- Export logs quarterly
- Archive securely
- Maintain chain of custody
- Prepare summary reports
Privacy Considerations
Who Can Access
| Role | Access |
|---|---|
| Owner | Full access |
| Admin | Full access |
| Member | No access |
| Viewer | No access |
Data Minimization
Audit logs contain:
- Necessary identifiers
- No password data
- No sensitive content
- IP addresses partially masked
Next Steps
- Data & Privacy — Privacy settings
- Security Overview — Security documentation
- GDPR — Compliance information