Audit Logs
Audit logs record significant actions in your organization. Use them for security monitoring, compliance, and troubleshooting.
What Gets Logged
Every action that creates, modifies, or deletes data is recorded:
Collections
- Collection created
- Collection deleted
- Visibility changed (public/private)
- Member added to private collection
- Member removed from collection
- Member role changed
Documents
- Document uploaded
- Document deleted
Users
- User invited
- User removed
- User role changed
API Keys
- API key created
- API key revoked
Viewing Audit Logs
- Go to Settings
- Click Audit Logs
Only Admins and Owners can view audit logs.
Log Entry Details
Each log entry includes:
| Field | Description |
|---|---|
| Action | What happened (e.g., document.upload) |
| User | Who performed the action |
| Resource | What was affected |
| Timestamp | When it happened |
| IP Address | Where the request came from |
| Details | Additional context (file names, sizes, etc.) |
Filtering Logs
Use filters to find specific entries:
By Action Type
document.uploaddocument.deleteuser.inviteuser.removecollection.createapi_key.create
By Resource Type
- Collection
- Document
- User
- API Key
By Date Range
- Last 7 days
- Last 30 days
- Custom range
Common Use Cases
Security Monitoring
Question: Who accessed sensitive collections recently?
Filter: Resource type = Collection, Action = collection.member_add
Compliance Audit
Question: What documents were uploaded in Q4?
Filter: Action = document.upload, Date range = Q4
Troubleshooting
Question: Who deleted that document?
Filter: Action = document.delete, search for document name
User Activity
Question: What did a specific user do?
View logs and filter by user email
Log Retention
How long logs are kept depends on your plan:
| Plan | Retention |
|---|---|
| Solo | 7 days |
| Pro | 30 days |
| Team | 90 days |
| Enterprise | Unlimited |
Logs older than the retention period are automatically deleted.
Example Log Entries
Document Upload
Action: document.upload
User: sarah@company.com
Resource: HR Policies (collection)
Details:
- Document: Employee-Handbook-2024.pdf
- Size: 2.4 MB
Timestamp: 2024-01-15 10:30:00 UTC
IP: 192.168.1.100User Invited
Action: user.invite
User: admin@company.com
Resource: john@company.com
Details:
- Role: Member
Timestamp: 2024-01-14 14:22:00 UTC
IP: 192.168.1.50API Key Created
Action: api_key.create
User: admin@company.com
Resource: API Key "Slack Bot"
Details:
- Scopes: read, chat
Timestamp: 2024-01-10 09:15:00 UTC
IP: 192.168.1.50Exporting Logs
To export audit logs:
- Apply desired filters
- Click Export (if available)
- Download as CSV
For compliance needs requiring long-term storage, export regularly before retention expires.
API Access
Query audit logs programmatically:
curl "https://api.intellirepo.ai/api/v1/audit-logs?action=document.upload&days=7" \
-H "Authorization: Bearer YOUR_TOKEN"See API Overview for details.
Best Practices
Regular Review
- Check logs weekly for unusual activity
- Set up a review schedule for compliance
Export for Compliance
- Export logs before they expire
- Store exports in your compliance archive
Investigate Anomalies
- Unexpected document deletions
- Unusual access patterns
- Failed authentication attempts
Correlate Events
- Cross-reference with user access changes
- Check API key usage around suspicious activity
What's NOT Logged
Currently, audit logs do not capture:
- Chat queries and responses
- Search queries
- Document views/previews
- Login attempts
Query activity is tracked in Usage Analytics instead.
Related Articles
Need Help?
Contact our support team if you need help with audit logs or compliance requirements.