R RockAI docs
/

Run your workspace

Audit log

Every workspace ships with an immutable audit trail at /app/audit. Admin and Owner roles can browse, filter, and inspect entries; Editor and Viewer are blocked.

What gets logged

The application writes to audit_logs for any action that materially changes workspace state or surfaces compliance exposure. Examples include:

  • Member invitations, role changes, removals.
  • Integration connect / disconnect (Slack, Teams, webhooks).
  • Integration webhook delivery failures (so broken Slack URLs are visible without tailing logs).
  • GDPR data-subject-request exports (dsr.exported) and erasures (dsr.erased).
  • Billing-plan changes initiated from the admin UI.

Each row carries: action slug, entity type / id, actor user (or System when triggered by a queue job), originating IP, user agent, and a before / after JSON snapshot.

Filtering

The toolbar accepts:

  • Action โ€” substring match (case-insensitive), e.g. dsr shows both exported and erased rows.
  • Entity type โ€” dropdown populated with the distinct entity types currently in your workspace's log, so you only see options that actually have history.
  • Actor email โ€” exact match on the user's email; pass an unknown email to surface only system-initiated rows.
  • From / To โ€” bracket created_at. Either bound is optional.

Filters compose; pagination respects the active filter set.

Retention

Rows are retained indefinitely by default โ€” small per workspace and load-bearing for compliance reviews. If your buyer's privacy policy requires a hard ceiling, contact support to discuss a retention sweep.

Why no edit / delete

Audit rows are append-only. There is no UI to edit a row, and the database has no updated_at column on audit_logs. This is intentional โ€” a compliance log that can be rewritten is not a compliance log.

Performance

The table is indexed on (workspace_id, created_at) and (entity_type, entity_id). A workspace with tens of thousands of rows still serves the first page in under 50ms. If you need to bulk-export, query the table directly via the workspace:audit-export Artisan command (planned) rather than scraping the UI.