Audit Log
Track all user actions with a tamper-evident audit trail.
Overview
The Audit Log provides a complete, tamper-evident record of all actions performed within your organization. Every create, update, delete, export, and import operation is logged with full context, including who performed the action, what changed, and when it happened.
Key Concepts
Tamper Evidence
Each audit log entry contains a cryptographic hash and a reference to the previous entry's hash, creating a chain. This makes it possible to detect if any entries have been modified or deleted after the fact.
What Is Logged
The audit system captures:
| Field | Description |
|---|---|
| Action | The type of operation (CREATE, UPDATE, DELETE, EXPORT, IMPORT, THEME_CHANGE, etc.) |
| Entity Type | What was affected (e.g., FleetVehicle, Profile, TenantMembership, TenantSettings) |
| Entity ID | The specific record that was affected |
| Actor | The user who performed the action (user ID and email) |
| Before | Snapshot of the record before the change (for updates and deletes) |
| After | Snapshot of the record after the change (for creates and updates) |
| Diff | Computed difference between before and after states |
| Route | The API route that triggered the action |
| Method | HTTP method (GET, POST, PATCH, DELETE) |
| Status | HTTP status code of the response |
| IP Address | The actor's IP address |
| User Agent | The actor's browser/client information |
| Timestamp | When the action occurred |
Automatic Logging
Audit entries are created automatically by the application. There is no way to perform a data mutation without generating an audit log entry. This is enforced through explicit audit helper functions (logAudit, auditInsert, auditUpdate, auditDelete) called in every mutation.
How to Use
Viewing the Audit Log
- Navigate to Admin > Audit Log.
- Browse entries in reverse chronological order (newest first).
Filtering
Use the filter controls to narrow down the log:
| Filter | Description |
|---|---|
| Text search | Search across action, entity type, actor email, and route |
| Action | Filter by action type (CREATE, UPDATE, DELETE, etc.) |
| Entity Type | Filter by the type of record affected |
| User | Filter by the user who performed the action |
| Date range | Filter by start and end dates |
Viewing Details
Click any audit log entry to see its full details, including:
- The complete before and after snapshots
- The computed diff showing exactly what changed
- Actor information and request metadata
Entity History
You can also view the audit history for a specific record by filtering on entity type and entity ID. This shows all changes made to a particular vehicle, profile, work order, or other record over time.
Statistics Dashboard
The audit stats view provides aggregate insights:
- Action breakdown -- How many creates, updates, and deletes occurred
- Entity type breakdown -- Which types of records are most frequently modified
- Top users -- The most active users by action count
- Activity by day -- A 7-day activity chart showing audit volume over time
Common Questions
Can audit log entries be deleted?
No. Audit log entries are immutable by design. They cannot be deleted or modified through the application.
How long are audit logs retained?
Audit logs are retained indefinitely. They are included in database backups when the "Include Audit Logs" option is selected.
Who can view the audit log?
Only Admin users can access the audit log list, stats, and detail views. Planners can view entity-specific history for records they have access to.
Does the audit log slow down the application?
Audit logging is designed to be lightweight. Log entries are written asynchronously after the main mutation completes, so they do not add significant latency to user-facing operations.