Search documentation...

K

Audit logs

Audit logs are only available on Business Tier plans.

Hightouch offers audit logs so workspace admins can see what actions users took in-app and when. For example, suppose someone notices that a sync has sent incorrect data to a destination. A workspace admin can use audit logs to review changes made to the sync before the incorrect data appeared. The admin can correct the issue, and—if necessary—implement controls to avoid future incidents.

View audit logs

Workspace admins and those with the appropriate access can view logs by going to the Audit log tab on the Settings page. The logs consist of a table of actions beginning with the most recent. Each row represents one action.

Audit log table in the Hightouch UI

Each action includes:

  • The Date and time, in the viewer's timezone, the action took place
  • The Action name, for example, "Sync updated"
  • The User who performed the action
  • The Resource type of the resource the action was performed on
  • The Resource name of the resource the action was performed on

Clicking on an action displays the action's full details in JSON format in the right panel. Added lines are highlighted in green, while removed lines are highlighted in red.

Audit log JSON inspection

Filter audit logs

You can filter logs by:

  • the user who performed the action
  • the resource type the action was performed on
  • the resource name the action was performed on
  • a range of dates

You can select multiple users and resource types to filter by simultaneously.

Filtering audit logs

FAQ

Who can view audit logs?

Anyone with read-access to the workspace resource can view audit logs.

Out-of-the-box roles with these permissions include Admins, Destination Admins, and Source Admins. If you want to create a custom role with the ability to view audit logs, it should include this policy:

{
  "effect": "allow",
  "actions": "read",
  "resource": [
    "workspace"
  ]
}

How far back do audit logs go?

Audit logs track up to 90 days of activity.

Hightouch released audit logs in November 2022. Logs prior to this may be incomplete.

What do audit logs include?

Audit logs track user-driven activity vs. programmatic changes. They work by taking a JSON snapshot of the changed resource for every user-driven change. Hightouch uses these snapshots for a before and after comparison for any changes.

A snapshot may include programmatic fields such as last_run_at, but Hightouch doesn't append a new audit log every time a field like last_run_at is updated since sync runs can be configured to run at regular intervals.

The exception to this is activity driven by Git Sync. For example, if a user changes a configuration via Git Sync, Hightouch treats that as a user-driven change, and it appears in the audit logs.

For a complete list of tracked actions, see the following list.

Resource types and tracked actions

Audit logs show creation, update, and deletion type actions for the following resource types:

Resource typeTracked actions
AlertCreations, updates, or deletions of alerts you configure to inform you of syncing issues
API keyCreations and deletions of API keys
Note: Audit logs don't include API Key usage
Approval requestActions taken during approval flows, including sending a request to review a draft or approving a draft
AudienceCreations, updates, or deletions of audience configurations
Audience schemaCreations, updates, or deletions of parent models, relationships, and event models
Cloud credentialCreations, updates, or deletions of cloud credentials, including changing your external storage configuration
DraftCreations, updates, or deletions of drafts used in approval flows
Git credentialCreations, updates, or deletions of Git credentials used for Git sync
Git Sync configurationCreations, updates, or deletions of Git sync configurations; for example, changing your tracked Git branch
InviteCreations and deletions of workspace invitations
MembershipCreations, updates, or deletions of workspace members, including changing a user's role
Membership requestCreations and deletions of workspace membership requests
ModelCreations, updates, or deletions of general model configurations, including updating the model query or primary key
Model columnCreations, updates, or deletions of model columns
Model previewActions taken while previewing a model, including a user clicking “Preview” while editing a model or running a SQL query against a source during model set-up
Model trait definitionCreations, updates, or deletions of audience traits
RoleCreations, updates, or deletions of custom roles
SessionUser sign-ins and sign-outs
SourceCreations, updates, or deletions of source configurations, including updating credentials or adding labels
SyncCreations, updates, or deletions of sync configurations, including adding labels, scheduling, and turning a sync on or off
Sync runActions taken while viewing a sync; for example, a user clicking “Run”
Note: Audit logs don't include scheduled sync runs nor API-triggered sync runs

    Need help?

    Our team is relentlessly focused on your success. We're ready to jump on a call to help unblock you.

    • Connection issues with your data warehouse?
    • Confusing API responses from destination systems?
    • Unsupported destination objects or modes?
    • Help with complex SQL queries?

    Feature Requests?

    If you see something that's missing from our app, let us know and we'll work with you to build it!

    We want to hear your suggestions for new sources, destinations, and other features that would help you activate your data.

On this page

View audit logsFilter audit logsFAQWho can view audit logs?How far back do audit logs go?What do audit logs include?Resource types and tracked actions

Was this page helpful?