Audit Logs
Audit Logs
Track all security-relevant actions in your organization with comprehensive audit logging.
Accessing Audit Logs
Navigate to Settings > Audit Logs to view your organization's activity history.
Tracked Actions
Authentication
| Action | Description |
|---|---|
auth.login |
User logged in |
auth.logout |
User logged out |
auth.password_change |
Password changed |
auth.password_reset |
Password reset requested |
Users & Members
| Action | Description |
|---|---|
user.create |
User created |
user.update |
User profile updated |
user.delete |
User deleted |
user.invite |
User invited |
member.role_change |
Member role changed |
member.remove |
Member removed from organization |
Forms
| Action | Description |
|---|---|
form.create |
Form created |
form.update |
Form settings changed |
form.delete |
Form deleted |
form.publish |
Form published |
form.unpublish |
Form unpublished |
form.duplicate |
Form duplicated |
Submissions
| Action | Description |
|---|---|
submission.view |
Submission viewed |
submission.export |
Submissions exported |
submission.delete |
Submission deleted |
More Tracked Actions
API Keys
| Action | Description |
|---|---|
api_key.create |
API key created |
api_key.revoke |
API key revoked |
api_key.delete |
API key deleted |
Webhooks
| Action | Description |
|---|---|
webhook.create |
Webhook created |
webhook.update |
Webhook updated |
webhook.delete |
Webhook deleted |
Teams & Roles
| Action | Description |
|---|---|
team.create |
Team created |
team.update |
Team updated |
team.delete |
Team deleted |
team.member_add |
Member added to team |
team.member_remove |
Member removed from team |
role.create |
Custom role created |
role.update |
Role permissions updated |
role.delete |
Role deleted |
Invites
| Action | Description |
|---|---|
invite.create |
Invite sent |
invite.revoke |
Invite revoked |
Billing
| Action | Description |
|---|---|
billing.subscription_change |
Subscription plan changed |
billing.payment_method_add |
Payment method added |
billing.payment_method_remove |
Payment method removed |
Filtering Logs
Use the filter controls to narrow down results:
| Filter | Description |
|---|---|
| Date Range | Select start and end dates |
| Action Type | Filter by action category (auth, form, submission, etc.) |
| Actor | Filter by specific user |
| Target | Filter by affected resource |
| Search | Free-text search across actor email, target label, and action |
Log Entry Details
Each log entry includes:
| Field | Description |
|---|---|
| Timestamp | When the action occurred |
| Action | The action type performed |
| Actor | User who performed the action |
| Actor Type | user, system, or api |
| Target | Resource affected (form, user, etc.) |
| IP Address | Client IP address |
| Request ID | Correlation ID for debugging |
| Metadata | Additional context (varies by action) |
Exporting Logs
-
1
Apply Filters
Apply your desired date range and action filters. ::
-
2
Click Export
Click the Export button in the toolbar. ::
-
3
Choose Format
Choose your export format:
- CSV — Spreadsheet-compatible
- JSON — Machine-readable ::
Data Retention
Audit logs are retained for 90 days by default. Enterprise plans can extend retention to 1 year or more.
Compliance
Audit logs support compliance requirements for:
| Framework | Coverage |
|---|---|
| SOC 2 | User activity tracking |
| GDPR | Data access logging |
| HIPAA | PHI access audit trails |
| PCI-DSS | System access monitoring |
API Access
Query audit logs programmatically via the API:
curl -X GET "https://api.buoyforms.com/v1/audit-logs" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"See the API Reference for query parameters and response format.
Advanced: API Query Parameters
| Parameter | Type | Description |
|---|---|---|
startDate |
ISO 8601 | Start of date range |
endDate |
ISO 8601 | End of date range |
action |
string | Filter by action type |
actorId |
string | Filter by user ID |
targetId |
string | Filter by resource ID |
limit |
integer | Results per page (max 100) |
cursor |
string | Pagination cursor |
The API returns paginated results. Use the cursor value from the response to fetch the next page.
Best Practices
-
1
Regular Review
Check audit logs weekly for suspicious activity — unusual login locations, unexpected role changes, or bulk deletions. ::
-
2
Set Alerts
Configure notifications for high-risk actions like
member.role_change,api_key.create, andform.delete. :: -
3
Export Backups
Periodically export logs to external storage before they exceed the retention window. ::
-
4
Limit Access
Restrict audit log viewing to administrators to prevent information leakage. ::
-
5
Correlate Events
Use request IDs to trace related actions across a single user session or API call chain. ::