Audit logs¶
Audit logs give you an organization-level record of key activity across Opaque—such as administrative actions and security-relevant changes. Use them to review what happened, when it happened, and who performed the action.
Audit logs are available from the Trust section in Opaque, alongside attestation reports. While audit logs capture activity, attestation provides cryptographic proof of workflow execution integrity. You may use both together during investigations, audits, or compliance reviews.
Types of actions logged¶
The following table describes the types of actions that are logged.
| Activity | Category |
|---|---|
| Register | User management |
| Log in | User management |
| Update password | User management |
| Update email | User management |
| Invite user to organization | User management |
| Change user roles | User management |
| Create workspace | Workspace management |
| Accept/Reject workspace invite | Workspace management |
| Update workspace details | Workspace management |
| Archive/Unarchive workspace | Workspace management |
| Update workspace's no-code jobs templates | Workspace management |
| Create/Delete directory | Data management |
| Upload/Update/Share/Rename/Remove/Download/Delete dataset | Data management |
| Request cloud data access | Data management |
| Generate test data | Data management |
| Create/Test/Review/Submit/Delete/Cancel job | Job management |
| Update job details | Job management |
| Create/Update/Delete job input variable | Job management |
| Request/Cancel job review | Job management |
| Revoke job repeatability | Job management |
| Create/Update/Review/Delete/Launch/Shut down workflow | Workflow management |
| Request/Cancel workflow review | Workflow management |
| Create/Upate/Delete integration configuration | Integration management |
| Get audit logs | Audit log management |
Access logs¶
Opaque provides two role-based log views:
- Organization-level logs: Visible only to organization admins. To access them, select Trust in the left-hand navigation, then open the Audit logs tab.
- Workspace-level logs: Visible to workspace admins who created the workspaces. These logs are available from within your workspace, on the Audit logs tab.
Navigate the Audit Logs tab¶
The Audit Logs tab is designed for quick review and filtering:
- View audit logs.
- Search and filter logs.
- Export logs with current filters applied.
- View signature with which to verify logs.
To access organization-level audit logs, select the Trust → Audit logs.
The core elements of the organization-level Audit logs tab.
To access workspace-level audit logs, open your workspace and select the Audit logs tab.
A workspace-level Audit logs tab.
Audit log details¶
The data table on the Audit Logs page lists all available data sets. Each entry in the table includes:
- Actor: User who performed the action.
- Workspace: Applicable workspace (if any).
- Action: Type of action performed.
- Timestamp: Date and time of the event.
- Status: Indicates success or failure.
By default, logs are sorted by timestamp (most recent first). Click a column header to change the sort order.
View log details¶
To view individual log details, click the more () icon next to a log entry.
The panel displays the full event record in JSON format for inspection and compliance traceability:
- Event ID: Auto-generated identifier for the audit event.
- Activity: Type of action performed (e.g., Create Workspace, Update Service).
- Category: High-level classification of the action (e.g., WorkspaceManagement, ServiceManagement).
- Description: Human-readable summary of the action.
- Timestamp: When the action occurred (UTC).
- User ID / Name: Actor who performed the action.
- Workspace: The workspace associated with the action (if applicable).
- Entity: The target of the action (e.g., workspace, service), including name, type, and UUID.
- Extra fields: Additional context captured in the audit event.
Search and filter logs¶
When looking for a specific audit log, you have two options: you can search or filter.
- To search: Use the search bar at the top of the Audit logs tab to find specific entries by keywords across all fields.
- Use the time range selector to quickly filter log entries by a predefined window, such as the last 24 hours, last 7 days, last 30 days, last 3 months, or last 12 months.
- For additional filter options, click the Filter icon to refine logs based on:
- Actor: Search by user name.
- Workspace (organization view only): Filter by specific workspaces.
- Action: Filter by action type.
- Category: Select one or more categories.
- Status: Filter by "success" or "failure."
Export audit logs¶
You can export either all existing logs or only logs that meet your filter criteria.
To export logs:
- Navigate to the Audit Logs page.
- (Optional) Apply filters to limit the number of logs shown.
- Click Export to download a ZIP file containing:
- audit_logs_query.txt: The query used, including filters.
- results.csv: The exported logs.
- signature.bin: A signature file for data integrity verification.
Verify exported logs¶
Opaque uses a public-private key pair to sign exported audit logs, so you can verify they haven't been modified after export.
To verify exported logs, you need:
- OpenSSL installed. Download it from OpenSSL.
- Opaque's public key signing file (PEM), used to verify signatures on exported audit logs (download file).
Follow these steps:
- Unzip the exported audit log bundle. The ZIP includes:
- results.csv
- audit_logs_query.txt
- signature.bin (the signature for the export)
- Open a terminal and navigate to the directory containing the extracted files.
-
Combine the exported CSV and TXT files into a single input file named
combined_file.txtfor verification: -
Verify the export signature using OpenSSL (replace
with the PEM file provided by Opaque): -
Check your output. If verification succeeds, OpenSSL prints "Verified OK."
If verification fails, reach out to your Opaque contact for assistance.