Audit logs at /settings/org/audit-logs record administrative and collaboration actions inside your org. The page is scoped to your org. You cannot see events from other orgs, and a user landing on this page can only see events from the org they belong to.
What is logged
The audit log captures state-changing actions on collaboration and admin surfaces. Read-only operations (listing teams, viewing a member, calling a chat model) are not in the audit table.
Today the logged actions are:
| Action | Resource type | When it fires |
|---|---|---|
create |
team |
A new team is created |
update |
team |
A team's name, description, or settings change |
delete |
team |
A team is deactivated |
add_member |
team |
A user is added to a team |
remove_member |
team |
A user is removed from a team |
update_member_role |
team |
A team member's role changes |
share |
source |
A source is shared with another user or team |
respond_share |
source |
A user accepts or declines a share invitation |
revoke_share |
source |
A share is revoked |
invite |
conversation_participant |
A user is invited into a conversation |
invite_team |
conversation_participant |
A team is invited into a conversation |
respond_invite |
conversation_invite |
A user accepts or declines a conversation invitation |
remove |
conversation_participant |
A participant is removed from a conversation |
activate |
global_source |
A platform-managed source is activated for the org |
deactivate |
global_source |
A platform-managed source is deactivated |
update_config |
global_source |
A platform-managed source's configuration changes |
Each entry stores:
- Timestamp (UTC)
- User (email and display name, resolved at query time from the user table)
- Action and resource type (from the table above)
- Resource ID (the affected team, source, conversation, etc.)
- Detail: a small JSON blob, typically
{ method, path }for the originating HTTP request - IP address of the request
The Compliance API exposes the same records over a programmatic endpoint (when enabled for your org). See /settings/org/compliance-api to mint a key.
Layout
The page has four blocks stacked top to bottom:
- Summary cards: total events, unique users, unique actions over the selected range
- Top Actions: pill-shaped badges sorted by count, clickable to filter the table below
- Filters and export: date range, action filter, page size, export menu
- Log entries table: paginated, sorted newest first
Click any row to expand it inline; the row's detail JSON renders as a preformatted block. Rows with empty detail are not expandable.
Filtering
Three filters control what you see:
- Date range. Presets are 7, 30, and 90 days. Selecting "Custom range" reveals two date inputs. The from/to dates use the browser's local timezone for the picker, then expand to a full UTC day on the server; picking the same day twice returns the full 24-hour window.
- Action. Either "All actions" (the default) or one of the actions present in the current summary. Clicking a badge in Top Actions sets this filter; clicking it again clears it.
- Page size. 25, 50, or 100 rows per page.
Changing any filter resets pagination to page 1.
Exporting
The Export dropdown next to the filters offers two formats:
- CSV: one row per event, flattened. The
detailblob is stringified into its own column. - JSON: full fidelity, including the nested detail blob.
The export respects whatever filters are currently set on the page. There is no separate "download everything" path; narrow the range first, then export.
The download streams directly to disk through the browser. It uses your session cookies; you do not need an API key.
Retention
Audit log entries are stored indefinitely in your org's database. There is no automatic purge today. The Compliance API can read any record from the org's full history.
If you need an explicit retention policy enforced (for example, automatic deletion after 365 days for GDPR compliance) that is a data-handling configuration that lives outside the app UI; raise it with your PrivateMind account contact.
What is not logged
- Chat messages and model calls. The content of user prompts and model responses is not in the audit log. Conversation history lives in your org's conversation tables and has its own retention model.
- Reads. Listing teams, viewing a user's profile, opening a conversation: none of these produce audit entries.
- Failed requests. Audit entries are only written for requests with status
< 400. A403attempt to delete someone else's team is not recorded in this table. - Sign-in events. Authentication is handled by the identity provider; check the IdP's own audit log for sign-in trails.
Where next
- Org settings: the feature toggles whose flips you'd often want to cross-reference here
- Users and teams: what the
add_member/update_member_roleentries refer to
