Audit Log
The audit log records every significant action in your workspace. Use it to track changes, investigate issues, maintain compliance, and understand team activity.
Accessing the audit log
Go to Settings → Audit Log. Available to Owner and Admin roles only.
What's logged
Every action is recorded with:
| Field | Description |
|---|---|
| Timestamp | Exact time the action occurred (in UTC and your local timezone) |
| User | Who performed the action (name and email) |
| Action | What they did (see action types below) |
| Resource | Which resource was affected (workflow, form, table, etc.) |
| Details | Specific details about the change |
| IP address | The IP address the action came from |
Action categories
Authentication
| Action | Description |
|---|---|
| User login | A team member logged in |
| User logout | A team member logged out |
| Login failed | A failed login attempt |
| Password changed | A user changed their password |
| MFA enabled/disabled | Two-factor authentication was toggled |
| API key generated | A new API key was created |
| API key revoked | An API key was deleted |
Workflows
| Action | Description |
|---|---|
| Workflow created | A new workflow was created |
| Workflow published | A workflow was published (went live) |
| Workflow unpublished | A workflow was taken offline |
| Workflow deleted | A workflow was deleted |
| Workflow edited | Nodes or settings were modified |
| Connection authorized | An integration was connected |
| Connection revoked | An integration was disconnected |
Forms
| Action | Description |
|---|---|
| Form created | A new form was created |
| Form published | A form was made live |
| Form unpublished | A form was taken offline |
| Form deleted | A form was deleted |
| Submission deleted | A form submission was deleted |
| Submission exported | Form submissions were exported |
Tables
| Action | Description |
|---|---|
| Table created | A new table was created |
| Table deleted | A table was deleted |
| Column added | A new column was added to a table |
| Column deleted | A column was removed |
| Bulk import | Data was imported from CSV/Excel |
| Bulk delete | Multiple rows were deleted |
| Sharing changed | Table sharing/permissions were modified |
Team & billing
| Action | Description |
|---|---|
| Member invited | A new team member was invited |
| Member removed | A team member was removed |
| Role changed | A team member's role was changed |
| Plan upgraded | Billing plan was upgraded |
| Plan downgraded | Billing plan was downgraded |
Filtering the audit log
Use the filter controls at the top of the audit log:
| Filter | Options |
|---|---|
| Date range | Last 24 hours, 7 days, 30 days, 90 days, or custom range |
| User | Filter by specific team member |
| Action type | Filter by category (authentication, workflow, form, table, team) |
| Resource | Filter by specific resource name |
Exporting
Click Export to download the audit log as a CSV file. Exports respect the current filters, so apply filters first to export only the relevant entries.
Retention
| Plan | Audit log retention |
|---|---|
| Free | 7 days |
| Starter | 30 days |
| Pro | 90 days |
| Enterprise | 1 year |
Audit logs cannot be modified or deleted; they are append-only for integrity. This means any action taken in the workspace is permanently recorded for the retention period.
If you notice unexpected login activity or unauthorized changes, check the audit log first. The IP address and timestamp can help identify whether an account was compromised or whether a team member made an unintended change.