Skip to content

Audit Logs#

Audit logs provide a comprehensive record of actions taken across your workspace. They serve as a powerful tool for Admins to track activity, investigate changes, and ensure accountability. Audit Logs are available to Workspace Owners and Admins, through the Workspace’s main navigation menu.

Here's how you can use audit logs effectively:

  • Administrative Activity: Audit logs help monitor actions such as changing user roles, managing workspace settings, or modifying group permissions. This ensures transparency and helps identify who made key configuration changes.
  • Data Access and Modification: Use audit logs to track when users access, create, update, or delete data. This includes actions like modifying dashboards, editing configuration of the data agents, changing widget content, or altering data source connections.
  • Troubleshooting and Investigations: When issues arise such as missing data, incorrect dashboards, or deleted resources audit logs help you investigate who made the change and when. This reduces downtime and helps resolve incidents more efficiently.

In the next sections we’ll cover:

  • Audit Logs Overview: Learn how to efficiently search and filter audit log entries.

Audit Logs Overview#

On the Audit Logs page, Workspace Owners and Admins can view a chronological record of all key events, actions, and changes that occur within a workspace. These logs capture activity performed by users across different resource types, providing full visibility into how your environment evolves over time.

The audit log includes actions related to the following types of resources:

audit_logs

audit_logs

Filtering and Search Capabilities Audit logs offer robust filtering and search options to help you quickly find relevant actions:

  • Resource Type & Action Type Filtering: Users can filter entries based on the type of resource (App, Dashboard, Connector, etc.) and the type of action (Create, Update, Delete, etc.). Action types are dependent on the resource type selected.
  • Date Range: Use start and end date filters to narrow your search to a specific time period.
  • Multi-parameter Search: Allows selection of multiple resource types, combined using an AND condition. This means results must match all selected types.

To perform a multi-parameter search:

  1. Select the resource type.

    You can select next resources types: audit_logs

  2. Specify the resource identifier (slug).

  3. You may only list resources with different types, selecting multiple of the same type is not supported.
  4. Searches are only possible using current slugs of resources.
Note

When you search using a current slug, you’ll be able to retrieve the full history of that resource, including previous names and slugs. Even if a resource has been deleted, you can still search using its last known slug and view its full action history.

Action Details

Each entry in the audit log includes an expandable section that provides deeper insight into the logged action:

  • Additional Data: Displays the fields affected by the operation. Each entry includes the resources involved and their current slugs, which can be searchable.
  • Operation Details: Shows the exact values of all parameters at the time of the action. Operation Details are not searchable.

audit_logs

Note

All timestamps shown in the main audit log table reflect the local time of your browser.

Examples of advanced searches you can perform:

  • Retrieve all dashboard-related actions within a specific application.
  • Identify all audit log entries related to a specific user who performed actions within an application.
  • Locate all actions performed by a specific user on a particular version of a dashboard.