Audit Log

Overview

The Audit Log provides a centralized, immutable audit trail of all actions performed within a Firefly tenant. It captures user and API activity across all Firefly domains, including Inventory, Governance, Workflows, Integrations, and more.

The Audit Log is designed for:

• Security and compliance audits

• Operational troubleshooting and debugging

• Change traceability across cloud infrastructure

Every logged event includes contextual metadata such as the actor, action, target, scope, request/response payloads, and execution status.

What Gets Logged

Action Scopes

The following domains are covered:

• Inventory (inventory:*)

• Workflows (workflows:*)

  • Workspaces

  • Projects

  • Variable sets

  • Workflow runs

• Governance (governance:*)

• Integrations (integrations:*)

• Users, Teams, Roles

  • users:*

  • teams:*

  • roles:*

• API Keys (api:*)

• Notifications (notifications:*)

• IaC Explorer & Drift Management

  • iac-*

  • drift-exclude:*

Audit Log UI

Location

Settings → Audit Log

Table View

The Audit Log is displayed as a sortable, paginated table.

Filtering & Search

The Audit Log supports advanced filtering to quickly locate relevant events.

Available Filters

• Actor (user or API token)

• Action (multi-select)

• Scope (multi-select)

• Status (success / failure)

• Time Range (last X days or custom)

Exporting Logs

Filtered results can be exported as a CSV file for offline analysis, compliance reviews, or external tooling.

Exports reflect only the currently applied filters.

RBAC & Visibility

Access to the Audit Log is controlled via RBAC.

• Viewing logs requires the audit-log:read permission.

• Visibility is scoped to the user's role and tenant.

• Sensitive fields may be masked based on role permissions (GA).