Audit Logs
Audit logs in Regulus provide a detailed record of all important user actions within your organization. These logs enable internal accountability, compliance tracking, and security auditing by storing who performed an action and when it occurred.
What Audit Logs Record
Each audit log entry typically contains:
- User ID: The user who performed the action.
- Action: A description of the action taken (e.g., "Exported 17 alerts as CSV").
- Timestamp: The date and time when the action occurred.
- Organization ID: The organization under which the action was performed.
How Audit Logs Are Created
Audit logs are generated using the logAudit utility, which is called whenever a significant user action occurs within the platform. This includes, but is not limited to:
- Exporting alerts or reports.
- Creating, updating, or deleting rules.
- Processing transactions or flagging activity.
- Other administrative or compliance-related actions.
Viewing Audit Logs
Audit logs can be retrieved via the API or viewed within your organization's dashboard. Entries are ordered by timestamp, with the most recent actions appearing first.
Example of a log entry:
| ID | User ID | Action | Timestamp |
|---|---|---|---|
| 40 | 3 | Exported 17 alerts as CSV | 10/10/2025, 3:17:37 PM |
Best Practices
- Regularly review audit logs to ensure accountability and detect unauthorized actions.
- Use exports for compliance audits or internal security reviews.
- Maintain logs securely and limit access to authorized personnel only.
- Include the organization and user context when analyzing logs for traceability.
To see related actions that generate audit logs, refer to the Audit API Documentation and transaction handling sections.