# Audit logs Audit logs provide a comprehensive record of actions taken within your Workspace. They help you track who did what and when, making them valuable for security monitoring, compliance requirements, and troubleshooting. ## Key Features * Comprehensive Logging: * Records important user actions and system events (API-based operations) * Provides visibility across your entire Workspace * Consistent Format: * Each log entry includes time, status, IP address, and log details * Log Details: Contains information about: * Operation (e.g., resource creation, update, deletion) * User (includes API key) who performed the action * Affected resource (e.g., notebook, connection, workspace) * Resource-specific properties relevant to the action * Privacy Protection: * Account email addresses are partially masked (only domain portion remains visible) * Current Log Scope: * Logs currently record resource metadata rather than full content * For example, notebook IDs and names are logged, but not the notebook content * Note: The specific data included in logs may change in future updates * Filtering Capabilities: * Filter logs by partial text match * Narrow down results to find specific activities * Retention Period: * Audit logs are retained for 1 year ## Accessing Audit Logs You can access all logs from Workspace Settings > Audit logs. But the audit logs which related to each resource types are accessable from multiple locations: * **Workspace Settings**: * `General` > `Change logs` * `Users` > `Change logs` * `Groups` > `Edit` > `Change logs` * `Teamspaces` > `Edit` > `Change logs` * `API keys` > `Change logs` * `Connections` > `Access level and permissions` > `Edit` > `Change logs` * **Report**: * Each report page > `Report settings` > `logs` * **Notebook**: * Each notebook page > `Share` > `Public link` > `Change logs` ## Audit Log Categories Operations in the audit logs are categorized into six main types to help you understand the nature of activities: * **Workspace Management**: Operations related to workspace administration * **Access Control**: Operations related to permission settings and role assignments * **Data Permission**: Operations involving data access rights and configurations * **View Data**: Operations for data viewing and querying * **Edit Content**: Operations modifying content (in notebooks, manually written content, or files) * **View Content**: Operations involving content viewing without modification ## Audit Log Operation List The following is a partial list of operations that are logged in the audit system. This list may not be exhaustive and is subject to change as new features are added to Codatum: | Resource | Operation | Log Category | | ---------------- | -------------------------------------------- | ----------------------- | | Workspace | Create a workspace | Workspace Management | | | Delete a workspace | Workspace Management | | | Update workspace settings | Workspace Management | | Workspace User | Invite user to workspace | Access Control | | | Delete workspace invitation | Access Control | | | Resend workspace invitation | Access Control | | | Accept workspace invitation | Access Control | | | Decline workspace invitation | Access Control | | | Join workspace via invite link | Access Control | | | Generate workspace invite link | Access Control | | | Join workspace via allowed domain | Access Control | | | Change workspace account role | Access Control | | | Remove user from workspace | Access Control | | | Add permission to user | Access Control | | | Change resource role for user | Access Control | | | Remove permission from user | Access Control | | Group | Create a group | Access Control | | | Add user to group | Access Control | | | Remove user from group | Access Control | | | Delete a group | Access Control | | | Add group owner | Access Control | | | Remove group owner | Access Control | | | Add permission to group | Access Control | | | Change permission role for group | Access Control | | | Remove permission from group | Access Control | | API Key | Create an API key | Access Control | | | Delete an API key | Access Control | | | Retrieve API key secret | Access Control | | | Create API key secret | Access Control | | | Delete API key secret | Access Control | | | Use API key | View Data, View Content | | Connection | Create a connection | Data Permission | | | Delete a connection | Data Permission | | | Change connection access level | Data Permission | | | Add connection owner | Data Permission | | | Remove connection owner | Data Permission | | | Execute query job | View Data | | | Get job metadata | View Data | | | Get job result | View Data | | | Download job result | View Data | | | Cancel query job | View Data | | | Get table metadata | View Data | | | Get table rows | View Data | | Teamspace | Create a teamspace | Access Control | | | Delete a teamspace | Access Control | | | Add teamspace owner | Access Control | | | Remove teamspace owner | Access Control | | Notebook | Create a notebook | Edit Content | | | Delete a notebook | Edit Content | | | Rename a notebook | Edit Content | | | Open a notebook | View Content | | | Update a notebook | Edit Content | | | Duplicate a notebook | Edit Content | | | Restore a notebook from version | Edit Content | | | Move a notebook | Access Control | | | Add notebook share permission | Access Control | | | Change notebook share permission role | Access Control | | | Remove notebook share permission | Access Control | | Notebook Version | Create notebook version | Edit Content | | | Delete notebook version | Edit Content | | File | Upload media file | Edit Content | | | Get media file signed URL | View Content | | Report | View a report | View Data, View Content | | | Publish a report | Data Permission | | | Publish report changes | Data Permission | | | Delete a report | Data Permission | | | Add report share permission | Access Control | | | Remove report share permission | Access Control | | | Share report to guest | Access Control | | | Delete report invitation | Access Control | | | Get job metadata in report | View Data | | | Get job result in report | View Data | | | Get table metadata in report | View Data | | | Get table rows in report | View Data | | | Get media file signed URL on report | View Data | | Public Link | Publish public link notebook | Data Permission | | | Publish public link notebook changes | Data Permission | | | Delete public link notebook | Data Permission | | Signed Embed | Publish signed embed notebook | Data Permission | | | Publish signed embed notebook changes | Data Permission | | | Delete signed embed notebook | Data Permission | | | Update signed embed notebook allowed origins | Access Control | | | Add API key to signed embed notebook | Access Control | | | Remove API key from signed embed notebook | Access Control | | | Add parameter to signed embed notebook | Access Control | | | Remove parameter from signed embed notebook | Access Control | | | Issue token for signed embed notebook | View Data, View Content | | | Open signed embed notebook | View Data, View Content | | | Get media file signed URL on signed embed | View Content | ## Important Notes * Export functionality is not currently available (please contact support if needed) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.codatum.com/security/audit-logs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.