# Audit Log

## Overview

The Audit Log provides a centralized, immutable audit trail of all actions performed within a Firefly tenant. It captures user and API activity across all Firefly domains, including Inventory, Governance, Workflows, Integrations, and more.

The Audit Log is designed for:

* Security and compliance audits
* Operational troubleshooting and debugging
* Change traceability across cloud infrastructure

Every logged event includes contextual metadata such as the actor, action, target, scope, request/response payloads, and execution status.

## What Gets Logged

### Action Scopes

The following domains are covered:

* **Inventory** (`inventory:*`)
* **Workflows** (`workflows:*`)
  * Workspaces
  * Projects
  * Variable sets
  * Workflow runs
* **Governance** (`governance:*`)
* **Integrations** (`integrations:*`)
* **Users, Teams, Roles**
  * `users:*`
  * `teams:*`
  * `roles:*`
* **API Keys** (`api:*`)
* **Notifications** (`notifications:*`)
* **IaC Explorer & Drift Management**
  * `iac-*`
  * `drift-exclude:*`

## Audit Log UI

### Location

**Settings → Audit Log**

### Table View

The Audit Log is displayed as a sortable, paginated table.

### Filtering & Search

The Audit Log supports advanced filtering to quickly locate relevant events.

#### Available Filters

* **Actor** (user or API token)
* **Action** (multi-select)
* **Scope** (multi-select)
* **Status** (success / failure)
* **Time Range** (last X days or custom)

### Exporting Logs

Filtered results can be exported as a CSV file for offline analysis, compliance reviews, or external tooling.

Exports reflect only the currently applied filters.

## RBAC & Visibility

Access to the Audit Log is controlled via RBAC.

* Viewing logs requires the `audit-log:read` permission.
* Visibility is scoped to the user's role and tenant.
* Sensitive fields may be masked based on role permissions (GA).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.firefly.ai/detailed-guides/audit-log.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.