Audit log
An append-only, tamper-evident record of every override edit, promotion, transcript view, and API-key action in your workspace.
The audit log (/audit) is a read-only, append-only timeline of the changes that matter for accountability. It is tenant-scoped to your workspace and cannot be edited or deleted from the dashboard.
What gets recorded
Each meaningful action writes one immutable entry. Recorded actions include:
- Capability override edits โ enablement, approval, and governance changes.
- Transcript views โ when an operator opens an end-user conversation.
- Environment promotions โ moving configuration from development to production.
- API-key actions โ keys issued and revoked.
Reading an entry
Entries are grouped by day. Each row names the acting user, the action, the target resource, and the environment; system actions are attributed to the platform.
- Actor โ the user who performed the action, or the platform for system events.
- Before and after โ expand a row to see the field-level change.
- Metadata โ resource type, source, IP address, request ID, and event ID, where available.
Filter & export
Filter by environment, action category, actor, and time window, save a named view for filters you reuse, and export the filtered timeline as CSV, Excel, or text. The in-page search narrows the loaded rows; export always reflects the server-side filters over the full record.