Skip to Content

Audit Logs

Audit logs record important workspace actions for access review, change tracking, and incident investigation.

Recorded information

An entry can include time, actor, action, target, and result. Available fields vary by action and contract.

Review logs

  1. Open Audit logs in workspace settings.
  2. Filter by date range, member, action, or target.
  3. Open an entry to inspect details.
  4. For suspicious activity, review the related member, space, app connection, and run history.

Operating practices

  • Review owner, administrator, and custom-role changes regularly.
  • Check invitations, removals, and space assignments.
  • Track changes to SSO, app integrations, and other critical settings.
  • During an incident, narrow the investigation by time and target.

Retention, display range, and export availability depend on plan and configuration. Confirm contract requirements if your organization has a formal retention policy. Restrict audit-log access to members who need it.

Last updated on