Audit Logs

Track user activities in your RudderStack workspace.

3 minute read

RudderStack offers the Audit Logs feature to track user activities within your RudderStack workspace, like creating or modifying sources and destinations, transformations, implementing Multi-Factor Authentication (MFA), and more.

The Audit Logs feature is available for only in the RudderStack Cloud Enterprise plan.

Accessing the audit logs

The workspace-related audit logs can only be accessed by the users having admin permissions.

You can access the workspace-related audit logs by going to Settings > Workspace > Audit Logs:

For the audit logs related to a specific source or destination, go to the source/destination details page and click the Audit Logs option:

Audit logs details

The audit logs capture the following information:

User: Name and email of the user in the RudderStack workspace.
Action: User action performed on the entity.
Target: Entity name, that is, the name assigned to the source, destination, transformation, etc.
Type: Entity type, that is, source, destination, transformation, teammate, etc.
When: Timestamp when the user action was performed.

The following sections detail the various user actions captured by the audit logs based on the target type, that is, sources, destinations, transformations, teams, or MFA (multi-factor authentication).

Source audit

Action	Description
Created	User created a source in the dashboard.
Updated	User updated the source settings in the dashboard.
Updated Name	User updated the source name in the dashboard.
Deleted	User deleted the source from the dashboard.

Destination audit

Action	Description
Created	User created a destination in the dashboard.
Updated	User updated the destination settings in the dashboard.
Updated Name	User updated the destination name in the dashboard.
Deleted	User deleted the destination from the dashboard.
Connect Source	User connected a source to the destination.
Disconnect Source	User disconnected a source from the destination.
Added Transformation	User added a transformation to the destination.
Deleted Transformation	User removed/disconnected a transformation from the destination.

Transformation audit

Action	Description
Created	User created a new transformation in the dashboard.
Updated	User updated the transformation.
Deleted	User deleted the transformation from the dashboard.

These audits apply to the transformation libraries as well.

Team audit

Action	Description
Invited	User invited a new user to join the current RudderStack workspace.
Accepted	New user accepted the invitation to join the workspace.
Cancelled	User cancelled the invitation to join the workspace.
Changed Permission	User changed the permissions for a specific user (identified by `userId`) in the workspace.
Deleted	User removed/deleted a user(identified by `userId`) from the workspace.

Multi-Factor Authentication (MFA) audit

Action	Description
Enabled MFA	User enabled MFA for his account.
Disabled MFA	User disabled MFA for his account.
Updated Phonenumber	User updated their phone number used for MFA.

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Questions? Contact us by email or on Slack