What is Logged?
User Actions
Sign ins, role changes, member additions/removals
Security Actions
Violations suppressed, scans triggered, settings changed
Repository Actions
Repositories added/removed, settings modified
Access Actions
Permission changes, access grants/revokes
Accessing Audit Logs
1
Navigate to Audit Logs
Organization Settings → Audit Logs
2
View Recent Activity
See chronological list of all logged actions
3
Filter and Search
Use filters to find specific actions
Logged Events
User Management
- User invited, invitation accepted/declined
- User role changed, user removed
- User sign in/sign out
- Password changed, 2FA enabled/disabled
Repository Management
- Repository connected/removed
- Repository settings changed
- VCS integration configured
- Webhook created/deleted
Security Actions
- Scan triggered
- Violation assigned/suppressed
- Violation status changed
- AI features enabled/disabled
- Automated scanning configured
Access Control
- Repository access granted/revoked
- Team created/deleted
- Team membership changed
- Permission level modified
Organization Settings
- Organization settings changed
- Billing information updated
- Subscription plan changed
- API key created/deleted
- Integration configured
Audit Log Details
Each log entry includes:- Timestamp: When the action occurred
- Actor: Who performed the action (user email)
- Action: What was done
- Target: What was affected
- Details: Additional context
- IP Address: Where the action originated
- User Agent: Browser/client used
Filtering Audit Logs
Filter Options
- By Time: Last 24 hours, 7 days, 30 days, custom date range
- By Action Type: User management, repository actions, security actions, access control, settings changes
- By Actor: Specific user, all admins, all users, API actions
- Search: User email, repository name, action keyword, IP address
Exporting Audit Logs
Export audit logs for compliance or external analysis:1
Apply Filters
Filter to the specific logs you want to export
2
Click Export
Click Export button
3
Choose Format
Select CSV, JSON, or PDF (report format)
4
Download
Download exported audit logs
Audit Log Retention
| Plan | Retention Period |
|---|---|
| FREE | 30 days |
| PRO | 90 days |
Need extended retention for compliance? Contact sales about custom enterprise options.
Common Use Cases
Security Incident Investigation
- Filter by date range when incident occurred
- Review all actions during that period
- Identify suspicious actions
- Track changes to security settings
- Generate report for incident documentation
Compliance Audits
- Export audit logs for audit period
- Demonstrate access control enforcement
- Show timely access removal
- Prove security settings compliance
- Document change management
Troubleshooting
- Check recent configuration changes
- Verify who modified settings
- Identify when problem started
- Correlate with logged actions
- Determine root cause
Best Practices
- Regular review: Weekly review of audit logs by security team
- Monitor critical actions: Set alerts for sensitive actions
- Export regularly: Monthly export for compliance documentation
- Investigate anomalies: Review unusual activity
- Document reviews: Note audit log reviews in compliance records
- Long retention: Enable longer retention for regulated industries