skip to main content
Browse documentation

Audit log

An append-only, tamper-evident record of every override edit, promotion, transcript view, and API-key action in your workspace.

The audit log (/audit) is a read-only, append-only timeline of the changes that matter for accountability. It is tenant-scoped to your workspace and cannot be edited or deleted from the dashboard.

What gets recorded

Each meaningful action writes one immutable entry. Recorded actions include:

  • Capability override edits โ€” enablement, approval, and governance changes.
  • Transcript views โ€” when an operator opens an end-user conversation.
  • Environment promotions โ€” moving configuration from development to production.
  • API-key actions โ€” keys issued and revoked.

Reading an entry

Entries are grouped by day. Each row names the acting user, the action, the target resource, and the environment; system actions are attributed to the platform.

  • Actor โ€” the user who performed the action, or the platform for system events.
  • Before and after โ€” expand a row to see the field-level change.
  • Metadata โ€” resource type, source, IP address, request ID, and event ID, where available.

Filter & export

Filter by environment, action category, actor, and time window, save a named view for filters you reuse, and export the filtered timeline as CSV, Excel, or text. The in-page search narrows the loaded rows; export always reflects the server-side filters over the full record.

Next steps