Dashboard Guide
Audit Logs
Audit Logs records every meaningful action against your organization — secret reads / writes, project lifecycle, team membership, billing, and API key management. Use them for security investigations, compliance reviews, and general "who changed what?" debugging.
Logged Events
| Category | Events |
|---|---|
| Secrets | SECRET_SET, SECRET_READ, SECRET_LIST, SECRET_DELETE |
| Projects | PROJECT_CREATE, PROJECT_UPDATE, PROJECT_DELETE |
| Variables | VARIABLE_SET, VARIABLE_DELETE, ENV_BULK_UPLOAD |
| Team | TEAM_INVITE, TEAM_MEMBER_ADD, TEAM_MEMBER_REMOVE, TEAM_ROLE_CHANGE |
| API Keys | API_KEY_CREATE, API_KEY_REVOKE |
| Auth | USER_LOGIN, USER_2FA_ENABLE, USER_2FA_DISABLE, PASSWORD_CHANGE |
| Billing | BILLING_PLAN_CHANGE, BILLING_PAYMENT, BILLING_CANCEL |
Filtering
The filter panel narrows the log by:
- Category — multi-select across the categories above.
- Resource type — secret / project / member / api-key / billing.
- Action — exact event name (e.g.
SECRET_READ). - Date range — preset shortcuts (last 24h, 7d, 30d) or custom range.
- Actor — filter by member email or API key name.
Click Apply to refresh, Reset to clear all filters.
Log Entry Anatomy
Each entry shows:
- Timestamp in your local timezone (UTC under the hood).
- Actor — user email, or
api-key:<name>for service accounts. - Action — the event constant.
- Resource — secret key, project name, member email, etc.
- Context — IP address, environment, version (where applicable).
Investigations
Suspected leaked API key: filter by Actor = api-key:<name> + date range covering the suspect window. Look for unfamiliar source IPs and unexpected secret reads.
Off-boarding follow-up: filter by Actor = leaving employee's email + last 30 days. Verify the secrets they read so you know what to rotate.
Unexpected production change: filter Resource type = secret + Action = SECRET_SET + Environment = production. Cross-check the actor.
Retention
Audit log retention depends on your plan tier — see Billing. Higher tiers offer longer retention windows. For long-term archival, export the log periodically via the API.