Skip to content

Audit logs

Audit and event logs provide a detailed history of key actions within your organization or workspace, enabling admins to monitor and review system activity. Only admin users have access to view and export audit logs.

Types of actions logged

The following table describes the types of actions that are logged.

Activity Category
Register User management
Log in User management
Update password User management
Update email User management
Invite user to organization User management
Change user roles User management
Create workspace Workspace management
Accept/Reject workspace invite Workspace management
Update workspace details Workspace management
Archive/Unarchive workspace Workspace management
Update workspace's no-code jobs templates Workspace management
Create/Delete directory Data management
Upload/Update/Share/Rename/Remove/Download/Delete dataset Data management
Request cloud data access Data management
Generate test data Data management
Create/Review/Submit/Delete/Cancel job Job management
Update job details Job management
Create/Update job input variable Job management
Request/Cancel job review Job management
Revoke job repeatability Job management
Create/Update service Service management
Create service request Service management
Get audit logs Audit log management

Access audit logs

Opaque supports two role-based audit logs:

  • Organization-level logs
    • Can be accessed by the organization admin.
    • To access: Select Audit Logs from the primary left-hand nav.
  • Workspace-level logs
    • Can be accessed by the workspace admin who created the workspace.
    • To access: Select Event Logs from the secondary left-hand nav of the selected workspace.

Navigate the Audit Logs page

On the Audit Logs page (see figure), you can:

  1. View audit logs.
  2. Search and filter logs.
  3. Quickly set the time range for logs.
  4. Export logs with current filters applied.
  5. View signature with which to verify logs.

The Audit Logs page.

Audit log details

The data table on the Audit Logs page lists all available datasets. Each entry in the table includes:

  • Actor: User who performed the action.
  • Workspace: Applicable workspace (if any).
  • Action: Type of action performed.
  • Timestamp: Date and time of the event.
  • Status: Indicates success or failure.

By default, logs are sorted by timestamp (most recent first). Click a column header to change the sort order.

View log details

To view individual log details, click the ... icon next to a log entry.

The Audit Logs Details tab.

The Audit Logs JSON tab.

The detail panel displays:

  • Event ID: Auto-generated log identifier.
  • A description of the action performed.
  • Category of the action.
  • Entity involved (e.g., workspace, job, dataset), including the entity’s name or ID.
  • Workspace in which the action was performed (organization view only).
  • Full JSON payload for in-depth analysis.
  • If applicable, links to navigate to the entity or workspace.

Search and filter logs

When looking for a specific audit log, you have two options: you can search or filter.

  • To search: Use the search bar at the top of the Audit Logs page to find specific entries by keywords across all fields.
  • To use filters: Click Filter to refine logs based on:
    • Actor: Search by user name.
    • Workspace (Organization View Only): Filter by specific workspaces.
    • Action: Filter by action type.
    • Category: Select one or more categories.
    • Status: Filter by "success" or "failure."

Use the date range dropdown to quickly filter logs for a specified range (Last 24 hours, Last 7 days, Last 30 days, or Last 1 year).

Export audit logs

You can export either all existing logs or only logs that meet your filter criteria.

To export logs:

  1. Navigate to the Audit Logs page.
  2. (Optional) Apply filters to limit the number of logs shown.
  3. Click Export to download a ZIP file containing:
    • results.csv: The exported logs.
    • audit_logs_query.txt: The query used, including filters.
    • signature.bin: A signature file for data integrity verification.

Verify exported logs

Opaque uses a public-private key pair to sign exported logs, ensuring data integrity. Follow these steps to verify the exported logs:

Before you begin

  • You need OpenSSL installed to verify logs. Download it from OpenSSL.
  • You also need a public key, used for verification, which you can obtain from your Opaque admin.
  1. Open a terminal and navigate to the directory where the audit log files are located.

  2. Combine results.csv and audit_log_query.txt into a single file named combined_file.txt:

    cat results.csv audit_logs_query.txt > combined_file.txt

  3. Retrieve the public key file (provided by Opaque) for verification.

  4. Verify the audit logs using OpenSSL (replace <public_key_file> with the actual public key file name provided by Opaque):

    openssl dgst -sha256 -verify <public_key_file> -signature signature.bin combined_file.txt

  5. Check your output: If successful, you’ll see "Verified OK." Congratulations! You’ve proven that the audit logs have not been tampered with.

Info

If verification fails, contact your Opaque system administrator for assistance.