Audit Logs
Every workspace action is logged with the acting user, timestamp, and a plain-English description. What is tracked, who can access logs, and how to export.
Every action taken in your Edilitics workspace is recorded in the audit log with the acting user's email, a timestamp, and a human-readable description. Audit logs give workspace admins full visibility into what happened, when, and who did it, across every module.
How Audit Logs Work
Edilitics maintains two layers of logging internally. A raw event log captures every API call. A human-readable log translates each event into a plain-English description with the acting user and timestamp. The audit log interface and CSV export surface the human-readable layer.
Every log entry includes:
- The acting user's email address
- The workspace domain
- A timestamp
- A plain-English description of the action
Access and Export
Audit logs are accessible to workspace admins only. Admins can view logs for any user in the organisation and filter by user, date range, and module. Members and Add-on Users can view their own activity but cannot access organisation-level logs.
To export logs, select a date range within your plan's retention window and download as CSV. The export includes all fields: user, timestamp, and description for each entry.
Retention by Plan
| Plan | Retention |
|---|---|
| 14-day evaluation | 7 days |
| Individual Launch | 30 days |
| Individual Scale | 60 days |
| Individual Pinnacle | 90 days |
| Team Launch | 90 days |
| Team Scale | 180 days |
| Team Pinnacle | 365 days |
| Enterprise | Custom |
What Is Logged
Workspace and Account
| Action | What is recorded |
|---|---|
| Login or signup | Whether the user logged in or signed up, and the platform used |
| Organisation onboarding | User email and workspace domain on first join |
| Profile update | Which profile fields were changed |
| Organisation profile update | Which organisation fields were changed |
| User role change | The user whose role was changed and the new role |
| User access reinstated or revoked | The affected user's email and the action taken |
| Slack connection | The Slack workspace name connected for notifications |
| Request access | The workspace domain the user requested to join |
| Invite sent | The email addresses invited and the number of invitees |
Integrate
| Action | What is recorded |
|---|---|
| View integrations | Which view was used: own, all, or shared |
| View integration details | The integration name and database type |
| Create integration | The database type, integration name, and database name |
| Upload file integration | The file type and integration name |
| Update connection details | The integration name and which fields were changed |
| Rename integration | The new integration name |
| Test connection | The database type and database name tested |
| View schema and DQ profile | The table name viewed |
| Preview table data | The table name and integration title |
| Share integration | The integration name and the users access was granted to |
| Revoke integration access | The integration name and the user whose access was removed |
| View column metadata | The table and column name viewed |
| Update table metadata | The table name and which metadata fields were updated |
Transform
| Action | What is recorded |
|---|---|
| View transformation flows | Which view was used: own, all, or shared |
| Create transformation flow | The flow title and destination table name |
| Update transformation flow | The flow title and destination table name |
| Open flow for editing | The flow ID |
| Delete transformation flow | The flow title, destination table, and original creator |
| Rename flow | The new title |
| Reschedule flow | The flow title and new schedule |
| Share flow | The users access was granted to |
| Revoke flow access | The user whose access was removed |
| Pause or resume flow | Which action was taken |
| Manually trigger run | The flow title and destination table |
| View run history | The flow ID, time filter, and status filter applied |
| View specific run logs | The flow ID and run ID |
| Duplicate flow | The flow ID duplicated |
| Load table sample for builder | The table name, source type, destination type, and that a 16,600-row snapshot was encrypted and stored |
| Apply operation in builder | The operation type applied |
| Validate operation | The operation type validated |
| Reset operations | That one or more operations were removed and the flow state was reset |
| Exit builder without saving | That the stored sample was deleted from Edilitics servers |
AskEdi
| Action | What is recorded |
|---|---|
| Start conversation | The conversation title, number of tables selected, model used, and which context toggles were sent to the LLM |
| Submit prompt | The model, conversation title, creator, and the exact prompt text |
| Rename conversation | The new title |
| Delete conversation | The conversation title and creator |
| Share conversation | The conversation title, creator, and users access was granted to |
| Revoke conversation access | The conversation title, creator, and user whose access was removed |
| Mark response as relevant or not | The relevance rating applied |
| View prompt interpretation | The conversation title and creator |
| View conversation history | The conversation title and creator |
Visualize
| Action | What is recorded |
|---|---|
| Generate chart | The chart type, table used, and the aggregations and fields applied |
| Create or save dashboard | The dashboard title and whether it was saved as a draft or published |
| Edit dashboard | The dashboard title and whether it was a draft or published edit |
| View dashboard | The dashboard ID |
| Duplicate dashboard | The dashboard ID |
| Delete dashboard | The dashboard title and creator |
| Enter edit mode | The dashboard title and creator |
| Share dashboard | The dashboard title, creator, and number of users access was granted to |
| Revoke dashboard access | The user whose access was removed |
| Rename dashboard | The new title |
| Update auto-refresh schedule | The new schedule, dashboard title, and creator |
| Manually refresh chart data | The dashboard ID and sheet ID |
| View dashboard sheet | The sheet ID |
| Create dashboard sheet | The sheet title |
| Update dashboard sheet | The sheet title |
| Request AI chart suggestions | The table name and any specific expectations provided |
Frequently Asked Questions
Related Docs
Data Encryption
How all stored data is encrypted at rest using per-workspace key derivation.
Privacy & Context Modes
Control exactly what schema context is sent to an LLM across AskEdi, Visualize, and Integrate.
Bring Your Own Key (BYOK)
Use your own API keys for OpenAI, Anthropic, or Google DeepMind and control provider-side logging.
Need help? Email support@edilitics.com with your workspace, job ID, and context. We reply within one business day.
Last updated on
Privacy & Context Modes
How Private, Balanced, and Full Context modes control what schema metadata is sent to an LLM across Integrate, AskEdi, and Visualize. No raw rows sent in any mode.
Bring Your Own Key
Configure your own API key for OpenAI, Anthropic, or Google DeepMind. When active, all AI features in your workspace use your key and your provider account.