Skip to content
lube

Audit logs

Transactional300+ actionsBefore / after

Trust the trail, not the retelling.

Every state-changing action writes an audit row in the same transaction as the change itself, with the actor, a before-and-after diff, and the context, so an operational decision always has a paper trail.

Its place in the loop

Audit logs are the memory of the Evidence stage.

One connected loop, held on the stage this capability serves. The other stages stay as context so you can see what feeds in and what comes next.

BD
Discovery
Feedback
Product
Engineering
Release
Reliability
Evidence

Stage inventory

Evidence

Prove what happened.

Audit logs

Review supported workspace changes and their recorded context.

Available now

Coming later reflects product vision, not a delivery commitment.

The trail, tailing live

The record writes itself as the workspace changes.

Every state-changing action appends one row, newest on top, so an incident review reads the timeline instead of reconstructing it.

audit trail · tail

live
waiting for next event
  • sarah · flag.updatecheckout-v2 · rollout 5% to 25%2m ago
  • dev · deployment.createstaging · #482114m ago
  • admin · member.rolejo · viewer to admin1h ago
  • sarah · apikey.revokeci-token3h ago
  • dana · incident.resolveapi latency5h ago
Append-only, newest first

Why the trail is trustworthy

Recorded with the change, not after it.

Before and after

Read the delta, not a description.

Each entry keeps a structured diff, so you see exactly which fields moved and to what.

json diffper fieldbefore → after

flag.update · checkout-v2

  • rollout

    5%25%
  • status

    offon

Written in the same transaction as the change.

A change, applied

Transactional

The audit row rolls back with the change.

An entry is written inside the same database transaction as the mutation. If the change rolls back, so does its record, enforced at runtime.

same txno phantomsenforced
  1. 01

    Mutation

    a change begins

  2. 02

    Audit row

    written in the same tx

  3. 03

    Commit

    both land together

  4. 04

    Rollback

    both undone together

One transaction, one record

Who did what

See who is active in the trail.

Every row keeps its actor, so activity across the workspace is attributable at a glance.

actorteamip · agent
  • sarah42 actions
  • dev31 actions
  • admin18 actions
  • renovate9 actions
Actions per actor

The breadth of the trail

If it changes state, it is recorded.

Audit coverage spans the whole workspace. These are real action families, each with typed change schemas behind them.

Release

Rollout and delivery.

feature_flag.*deployment.*environment.*api_spec.*

Reliability

Operations.

uptimeIncident.*uptimeMonitor.*uptimeStatusPage.*

Access

Who can do what.

member.*team.*api_key.*

Product

Signal and work.

feedback.*idea.*work_object.*product.*

Evidence

Usage and cost.

ai_usage.*usage_meter.*integration.*

Filters

How you investigate.

resourceactoractiondatefull-text

An honest limit

Audit rows persist without a configurable retention or TTL today, so history is kept indefinitely rather than expired on a schedule. Page cursors are opaque keyset tokens, stable but not meant to be parsed by hand.

Audit facts

300+

Action types across release, reliability, access, product, and evidence.

1 tx

The audit row and the mutation share a single database transaction.

Diff

Each entry keeps a before-and-after view of what changed.

Keyset

Investigation pages ride stable, opaque cursor tokens.

What it records

See the changes audit history captures.

Keep a trail you can actually inspect.

Start free

Supported state-changing actions, recorded with context.