Audit logs track all significant actions in your Zenovay organization. Monitor who did what and when for security and compliance.
What Gets Logged
User Actions
| Category | Events Logged |
|---|---|
| Authentication | Login, logout, MFA changes |
| Team | Member added, removed, role changed |
| Websites | Created, deleted, settings changed |
| Goals | Created, edited, deleted |
| Settings | Organization settings modified |
| Data | Exports, API access |
System Events
| Category | Events Logged |
|---|---|
| Security | Failed logins, suspicious activity |
| Billing | Plan changes, payments |
| Integrations | Connected, disconnected |
Accessing Audit Logs
Navigate to Logs
- Go to Settings → Activity tab
- View recent activity
- Use filters to narrow down
Audit Log View
┌─────────────────────────────────────────────────────┐
│ Audit Log [Export] [Filter]│
│ ─────────────────────────────────────────────────── │
│ │
│ Today │
│ ───── │
│ 2:45 PM john@company.com │
│ Created goal "Newsletter Signup" │
│ Website: marketing.company.com │
│ │
│ 2:30 PM admin@company.com │
│ Changed role for sarah@company.com │
│ From: Viewer → To: Editor │
│ │
│ 10:15 AM sarah@company.com │
│ Logged in │
│ IP: 192.168.1.100 │
│ │
│ Yesterday │
│ ───────── │
│ 5:30 PM admin@company.com │
│ Exported revenue report │
│ Format: CSV, Date range: Last 30 days │
│ │
└─────────────────────────────────────────────────────┘
Filtering Logs
Filter Options
| Filter | Options |
|---|---|
| Date range | Today, 7 days, 30 days, custom |
| User | Specific team member |
| Action type | Login, changes, exports |
| Category | Team, websites, goals, etc. |
Using Filters
- Click "Filter"
- Select criteria
- Apply filters
- View filtered results
Search
Search for specific events:
- User email
- Action keywords
- Resource names
Log Entry Details
Standard Entry
Each log entry contains:
Event: Goal Created
Date: January 15, 2025 2:45:32 PM
User: john@company.com
IP Address: 192.168.1.100
User Agent: Chrome/120, Windows
Location: San Francisco, CA
Details:
Goal Name: Newsletter Signup
Goal Type: Form submission
Website: marketing.company.com
Goal ID: goal_abc123
Expanded Details
Click entry to see full details:
- Complete action parameters
- Before/after values (for changes)
- Related resources
- Session information
Common Log Events
Authentication Events
| Event | Description |
|---|---|
| user.login | Successful login |
| user.login_failed | Failed login attempt |
| user.logout | User logged out |
| user.mfa_enabled | MFA turned on |
| user.password_changed | Password updated |
Team Events
| Event | Description |
|---|---|
| member.invited | Invitation sent |
| member.joined | Member accepted invite |
| member.removed | Member removed |
| member.role_changed | Role updated |
Website Events
| Event | Description |
|---|---|
| website.created | New website added |
| website.deleted | Website removed |
| website.settings_changed | Settings modified |
Goal Events
| Event | Description |
|---|---|
| goal.created | Goal created |
| goal.updated | Goal modified |
| goal.deleted | Goal removed |
Security Monitoring
Suspicious Activity
Watch for:
- Failed login attempts
- Logins from new locations
- After-hours activity
- Bulk exports
Security Alerts
Enterprise PlanSet up alerts for:
Alert: Multiple Failed Logins
Trigger: 5+ failed attempts in 10 minutes
Action: Email security team
Anomaly Detection
System automatically flags:
- Unusual login times
- New device/location
- Mass data exports
- Rapid permission changes
Log Retention
Retention by Plan
| Plan | Retention |
|---|---|
| Pro | 90 days |
| Scale | 1 year |
| Enterprise | Custom |
After Retention
Logs are:
- Permanently deleted
- Not recoverable
- Export before expiration
Exporting Logs
Manual Export
- Go to Audit Log
- Apply filters (optional)
- Click "Export"
- Choose format (CSV/JSON)
- Download
Export Format
CSV export includes:
timestamp,user,action,category,details,ip_address,location
2025-01-15T14:45:32Z,john@company.com,goal.created,goals,"name=Newsletter Signup",192.168.1.100,"San Francisco, CA"
2025-01-15T14:30:00Z,admin@company.com,member.role_changed,team,"user=sarah@company.com, from=viewer, to=editor",192.168.1.50,"San Francisco, CA"
Scheduled Exports
Enterprise PlanAutomate log exports:
- Go to Settings → Activity tab → click Export
- Set schedule (daily, weekly, monthly)
- Choose destination (email, S3, webhook)
- Enable
Compliance Use Cases
SOC 2
Audit logs help demonstrate:
- Access controls
- Change management
- Security monitoring
GDPR
Track and report:
- Data access
- User consent changes
- Data exports
Internal Audits
Document:
- Who accessed what
- When changes were made
- Approval workflows
Real-Time Log Streaming
Enterprise PlanStream to SIEM
Send logs to security tools:
- Splunk
- Datadog
- Elastic
Webhook Delivery
Receive logs via webhook:
{
"event": "member.role_changed",
"timestamp": "2025-01-15T14:30:00Z",
"actor": "admin@company.com",
"target": "sarah@company.com",
"details": {
"from_role": "viewer",
"to_role": "editor"
}
}
Best Practices
Regular Review
| Frequency | Review |
|---|---|
| Daily | Security events |
| Weekly | Permission changes |
| Monthly | Full audit |
| Quarterly | Compliance report |
Key Things to Monitor
- Permission escalations
- Unusual login patterns
- Large data exports
- Failed authentication
Documentation
Keep records of:
- Who reviewed logs
- When reviewed
- Issues found
- Actions taken
Troubleshooting
Logs Not Appearing
If events aren't logged:
- Some actions have slight delay
- Check filter settings
- Verify time range
- Ensure plan supports logging
Missing Details
If details are incomplete:
- Older events may have less detail
- Some integrations provide limited info
- System events may be sparse
Export Issues
If export fails:
- Reduce date range
- Check internet connection
- Try different format
- Contact support