Audit Log
The audit log records every significant action across your Zenfra organization. Use it to track who did what, when, and from where — essential for security reviews, compliance, and troubleshooting.
Accessing the audit log
Navigate to Organization > Audit to view the full audit log.
Log entries
Each audit log entry contains:
| Column | Description |
|---|---|
| Timestamp | When the action occurred |
| Actor | The user or system that performed the action, with their type (User, API Key, System) |
| Action | The specific action performed (e.g., auth.login, auth.logout) |
| Resource | The entity the action was performed on, with its type |
| Result | Whether the action succeeded or failed |
| IP Address | The IP address the action originated from |
Filtering
The audit log supports multiple filters to help you find specific events:
| Filter | Description |
|---|---|
| Actor Type | Filter by who performed the action (User, API Key, System) |
| Resource Type | Filter by what was affected (User, Stack, Run, etc.) |
| Action | Filter by the specific action type |
| Result | Filter by outcome (Success, Failure) |
| From date | Show only events after this date |
| To date | Show only events before this date |
Combine multiple filters to narrow down to exactly the events you need.
Pagination
The audit log is paginated with configurable rows per page (default: 25). Use the page controls to navigate through older entries.
Tracked actions
The audit log captures actions including:
- Authentication — logins, logouts, failed login attempts
- Stack operations — creation, updates, deletion, triggering runs
- Run lifecycle — queued, approved, completed, failed runs
- Configuration changes — bundle modifications, integration updates
- User management — invitations, role changes
- API key operations — creation, deletion, usage