Ctrlk
Go to websiteBook a demoTrust centerChangelog
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Audit Logging

Keep track of events occurring in your workspace for real-time management and monitoring.

Overview

Audit logging provides comprehensive tracking of all actions taken within your workspace. This feature is available on an opt-in basis for enterprise customers and can be enabled per workspace.

Accessing Audit Logs

Once enabled for your workspace, audit logs are accessible through the Enterprise section of the application. The portal provides a searchable interface where you can:

  • View all logged events in chronological order

  • Filter by action type (e.g., file operations, user management, workspace changes)

  • Filter by user who performed the action

  • Filter by timestamp or date range

  • View detailed information about each event

What Gets Logged

Our audit logging captures authenticated user actions across the platform. Every single request made to your workspace (whether it be through the app, web, mount, or api) is captured by our logging system and routed to the logs database. Each log entry includes:

  • Action: The specific operation performed (e.g., file upload, permission change)

  • Actor: The user who performed the action, including their IP address

  • Targets: The resources affected by the action (files, folders, users, etc.)

  • Timestamp: When the action occurred

  • Workspace context: The workspace where the action took place

What Doesn't Get Logged

To maintain performance and focus on security-relevant events, we exclude:

  • Read-only operations (GET requests)

  • Internal system operations

  • Authentication token refreshes

  • Unauthenticated requests

  • Certain metadata operations that don't modify resources

Security & Privacy

  • Audit logs are isolated per organization

  • Only authenticated actions within your workspace are logged

  • Logs are retained according to your enterprise agreement

  • Access to audit logs is restricted to workspace administrators

Enabling Audit Logging

Audit logging is enabled by our team at the workspace level. Contact your account representative to activate this feature for your organization.

For questions about audit logging or to request activation, please reach out to your account manager or contact enterprise support.

PreviousShade SIEM Documentation

Last updated

Was this helpful?