Audit Logs
Track all activity in your Hublvu organization for compliance, troubleshooting, and security monitoring.
Accessing Audit Logs
Navigate to Audit Logs in the Security section of the sidebar.
What Gets Logged
User Actions
| Event | Description |
|---|---|
| Login | User authenticated successfully |
| Logout | User ended session |
| Login Failed | Authentication attempt failed |
| Password Change | User changed password |
| MFA Enrolled | User set up multi-factor auth |
| Profile Update | User modified their profile |
Data Changes
| Event | Description |
|---|---|
| Flow Created | New flow created |
| Flow Modified | Flow edited |
| Flow Deleted | Flow removed |
| Guide Created | New guide created |
| Guide Modified | Guide edited |
| Guide Deleted | Guide removed |
| Knowledge Uploaded | Document added |
| Knowledge Deleted | Document removed |
System Events
| Event | Description |
|---|---|
| Run Started | Flow or guide execution began |
| Run Completed | Execution finished |
| Run Failed | Execution encountered error |
| Tool Executed | External tool was called |
| Integration Connected | New integration configured |
| Integration Failed | Integration error occurred |
Security Events
| Event | Description |
|---|---|
| User Created | New user added |
| User Deactivated | User access removed |
| Role Changed | User role modified |
| Permission Changed | Permissions updated |
| API Key Created | New API key generated |
| API Key Revoked | API key disabled |
| SSO Configuration Changed | SSO settings modified |
Viewing Logs
The audit log view displays:
| Column | Description |
|---|---|
| Timestamp | When the event occurred |
| User | Who performed the action |
| Event | What happened |
| Resource | What was affected |
| Details | Additional context |
Click any entry to see full details.
Filtering
By Time Range
- Last 24 hours
- Last 7 days
- Last 30 days
- Custom range — Select specific start and end dates
By User
Search for events by a specific user:
- Click Filter by User
- Select or search for user
- Apply filter
By Event Type
Filter to specific event categories:
- User Actions
- Data Changes
- System Events
- Security Events
Or filter to specific events (e.g., only "Login Failed").
By Resource
Find events related to specific resources:
- Specific flow or guide
- Integration name
- File name
Exporting Logs
Export audit data for external analysis or compliance:
- Apply desired filters
- Click Export
- Select format:
- CSV — Spreadsheet-compatible
- JSON — Structured data
- Download file
Export Limits
Large exports are processed asynchronously. You'll receive a download link when ready.
SOC 2 Compliance
Audit logs support SOC 2 compliance requirements:
- Comprehensive logging — All significant events captured
- Tamper-proof — Logs cannot be modified or deleted by users
- Retention — Logs retained per your configured policy
- Access tracking — All data access logged
Compliance Dashboard
View compliance-specific metrics:
- Go to Security Analytics > Audit
- Review:
- Event volume over time
- Security event breakdown
- User activity patterns
- Anomaly detection
Retention
Default Retention
Audit logs are retained based on your plan:
- Standard — 90 days
- Enterprise — 1 year or custom
Custom Retention
Enterprise customers can configure:
- Go to Security Settings > Audit Configuration
- Set retention period
- Configure archival rules
- Save
Archived Logs
Logs beyond the active retention period may be:
- Archived to long-term storage
- Available on request
- Subject to your data retention policies
Best Practices
Schedule regular reviews of security events, especially failed logins and permission changes.
Configure alerts for critical events like multiple failed logins or administrative changes.
If you have compliance requirements, schedule regular exports and store them according to your data retention policy.
Unusual patterns (off-hours access, unexpected locations, bulk operations) warrant investigation.
Troubleshooting with Audit Logs
Finding What Changed
If something isn't working as expected:
- Filter by the affected resource
- Look for recent modifications
- Identify who made changes
- Review the change details
Tracking User Activity
To understand a user's actions:
- Filter by the user
- Review their event history
- Correlate with any issues or incidents
Security Investigations
For potential security issues:
- Filter to Security Events
- Look for patterns:
- Failed logins from unusual IPs
- Unexpected permission changes
- Out-of-hours administrative actions
Related Topics
- Security Settings — Configure security policies
- User Management — Manage user access
- Roles & Permissions — Permission configuration