Audit Logs

Audit Logs can be used to track the user activities within your RudderStack workspace. It captures the user actions such as creation or modification of sources, destinations, transformations, and Multi-Factor Authentication (MFA).

The Audit Logs feature is available for the enterprise plan users. For more information on this plan and its features, refer to the RudderStack Pricing page.

Accessing the audit logs

The workspace-related audit logs can only be accessed by the users having Admin or Read-Write access.

You can access the workspace-related audit logs by clicking on the Audit Logs in the left navigation bar of the RudderStack dashboard, as shown:

Audit Logs

For the audit logs related to a specific source or destination, you can go to the source/destination details page and click on the Audit Logs option, as shown:

Audit Logs details

Audit logs details

The audit logs capture the following information:

  • User: Name and email of the user in the RudderStack workspace.
  • Action: User action performed on the entity.
  • Target: Entity name, that is, the name assigned to the source, destination, transformation, etc.
  • Type: Entity type, that is, source, destination, transformation, teammate, etc.
  • When: Timestamp when the user action was performed.
Source Audit Logs

The following sections detail the various user actions captured by the audit logs based on the target type, that is, sources, destinations, transformations, teams, or MFA (multi-factor authentication).

Source audit

ActionDescription
CreatedUser created a source in the dashboard.
UpdatedUser updated the source settings in the dashboard.
Updated NameUser updated the source name in the dashboard.
DeletedUser deleted the source from the dashboard.

Destination audit

ActionDescription
CreatedUser created a destination in the dashboard.
UpdatedUser updated the destination settings in the dashboard.
Updated NameUser updated the destination name in the dashboard.
DeletedUser deleted the destination from the dashboard.
Connect SourceUser connected a source to the destination.
Disconnect SourceUser disconnected a source from the destination.
Added TransformationUser added a transformation to the destination.
Deleted TransformationUser removed/disconnected a transformation from the destination.

Transformation audit

ActionDescription
CreatedUser created a new transformation in the dashboard.
UpdatedUser updated the transformation.
DeletedUser deleted the transformation from the dashboard.

These audits apply to the transformation libraries as well.

Team audit

ActionDescription
InvitedUser invited a new user to join the current RudderStack workspace.
AcceptedNew user accepted the invitation to join the workspace.
CancelledUser cancelled the invitation to join the workspace.
Changed PermissionUser changed the permissions for a specific user (identified by userId) in the workspace.
DeletedUser removed/deleted a user(identified by userId) from the workspace.

Multi-Factor Authentication (MFA) audit

ActionDescription
Enabled MFAUser enabled MFA for his account.
Disabled MFAUser disabled MFA for his account.
Updated PhonenumberUser updated their phone number used for MFA.

Contact us

For queries on any of the sections covered in this guide, you can contact us or start a conversation in our Slack community.

Contents