Activity Log
View and export audit events scoped to an account or workspace.
The Activity Log records who did what and when — account and workspace administrative actions, secret reveals, membership changes, and more. Events are retained for 30 days.
Who can access
| Action | Required permission |
|---|---|
| View workspace audit | read on the workspace |
| View account audit | read on the account |
| Export audit JSON | read on the scope |
Prerequisites
- Access to at least one account or workspace
View activity
Open Activity Log
In the sidebar under Observe, click Activity Log.
Choose scope
Select Workspace or Account from the scope toggle.
- Workspace — uses the workspace from the top navigation picker
- Account — pick an account from the dropdown
Browse events
Each event shows Actor, Action, Resource, Timestamp, and metadata. Click an event for detail when available.
Export audit data
Set your scope
Choose account or workspace as above.
Click Export
Click Export JSON in the page header. The browser downloads a JSON file of audit events for the current scope.
Workspace detail shortcut
Workspace and account detail pages also show a Recent activity feed (last 25 events). Use Activity Log for full history and export.
Cross-tenant search across all accounts is not yet available in the portal. Use account or workspace scope.
Troubleshooting
| Problem | Likely cause | What to do |
|---|---|---|
| Empty feed | No events in retention window | Activity is retained 30 days; verify actions occurred in scope |
| Workspace scope empty | No workspace selected | Pick a workspace in the top navigation bar |
| Export fails | Network or permission error | Retry; confirm read on scope |
Related API
GET /v1/accounts/{account_id}/audit— account auditGET /v1/workspaces/{workspace_id}/audit— workspace auditPOST /v1/audit/export— export JSON
Related
- Process Log — application runtime logs (Loki)
- Accounts — account detail audit feed