Reading the audit log and tracking admin actions

Updated Jun 29, 2026 · 1 min read

The audit log records every admin action taken on the platform. Learn how to search, filter, and interpret the log.

Navigate to Admin > Audit Log

From the Admin panel, click "Audit Log" in the sidebar. The log shows all admin actions in reverse chronological order (most recent first).

Filter by user

Use the "User" filter at the top to search for actions affecting a specific user. Enter their email address and the log will narrow to only rows where that user was the subject of an action.

Filter by action type

Use the "Action" dropdown to filter by action type. Available action types include:

  • tier_change — A user's subscription tier was modified by an admin
  • refund — A refund was issued via Stripe
  • credit_grant — Bonus credits were added to an account
  • login — An admin signed in to the admin panel
  • feature_override — A feature flag was overridden for a user or org
  • suspension — A user account was suspended or reinstated
  • password_reset — A password reset email was sent to a user

Filter by date range

Use the "From" and "To" date pickers to narrow the log to a specific time window. This is useful for investigating incidents or preparing compliance reports.

Read the log entries

Each log entry shows: the timestamp, the admin who performed the action, the action type, the affected user or organisation, and a brief description. Click "Details" on any entry to expand the full payload, which includes the before and after state for changes like tier_change.

Was this helpful?