AdministrationAuthentication and security

Viewing audit logs

Enterprise

Enterprise-tier organizations with single-tenant environments can request the ability to view audit logs for their environment. Audit logs track different types of member activities, including account management, API usage, and deployment operations.

The audit logs feature is in private preview, with some limitations. Audit log categories are based on the Instabase platform and some categories have no corresponding functionality in AI Hub. You might see audit log categories with unfamiliar names or empty results.

Viewing and downloading audit logs

Before you begin

Connect with Instabase Support to request the required access permissions. When enabled, admins can access audit logs from the settings page or via API, using the audit endpoint.

  1. In the header, click the initials icon and select Settings.

  2. Click Members.

  3. Click Manage and select View audit logs. The audit logs page opens.

When viewing audit logs, use the Filter by options to filter results by date and user, and use the Log dropdown to select audit log categories. Use the Number of results field to adjust how many results are loaded by default.

To download the audit logs displayed, click the download iconIcon of downwards arrow in front of a cloud. and select a format (.csv or .json).

Adjust the Number of results value or click Load more to download more results at a time.

Audit log categories

Audit logs are organized into categories based on the type of activity being tracked. All audit logs include a timestamp of the operation. Identifiers, such as email addresses or user IDs, can represent either the user who initiated the task or the user upon which the task was performed, depending on the category. Commonly referenced categories are described in the following table.

If using the audit endpoint to retrieve audit log data, the Log type column shows the corresponding log_type parameter value to use in your API request.
Log typeDescription
Account (account)User account creation. Account deletion isn’t recorded.
Access control (acl)Workspace or group membership activities, including being assigned workspace management permissions.
This category is notably reflective of the Instabase platform, and might be challenging to interpret in the AI Hub context.
• Workspace membership changes are recorded under the repo action perm.
• Group changes use a group ID as the identifier, rather than the group name.
Apps (apps)Automation app management activities, including app creation, updates, and deletion.
App deployment (app_deployment)Deployment management activities, including deployment creation, updates, and deletion.
App deployment run (app_deployment_run)Deployment run activities including creating new deployment runs, resuming paused runs, and deleting runs.
Login (login)Member login events. The user’s authentication method is recorded in a secondary log.
Mount (mount)Data connection activities, including adding, updating, and removing data connections.
OAuth2 (oauth2)OAuth token management activities, including creating, refreshing, and deleting tokens.
Organization (org)Organization role changes. Being granted the admin role is logged as receiving the org:write permission.
Org secret (org_secret)Organization secret management, including secret creation, updates, and deletion. Includes detailed change tracking.