Skip to main content

Audit logs

Logto's audit log allows you to easily monitor user activity and events. It provides a strong foundation for various user management and health check business scenarios.

View all logs

Navigate to Console > Audit logs. Logto captures and organizes authentication events into a table. It keeps track of the event name, user, application, and timestamp. You can narrow down the results by filtering based on the event name and application name. Clicking on a specific event will provide additional details.

warning:

Audit logs only contain logs that occur during user authentication process, logs of Management API operations is not recorded.

Capture user activity at the tenant level

Logto's logs offer comprehensive details, ensuring ease of action and customer safety. They capture and record the following information:

  • Type of event (full list of audit log events can be found here)
  • Application involved
  • IP address
  • User involved
  • Log ID
  • Timestamp
  • User-agent

By maintaining these event records, organizations can effectively detect possible security risks and promptly address them to prevent unauthorized system access.

Audit log success details page

Perform a detailed analysis at the user level

Administrators can perform a detailed analysis of logs associated with specific users, facilitating comprehensive investigations into specific events. The navigation process is straightforward and user-friendly.

To access user-specific logs, follow these steps:

  1. Navigate to Console > User management.
  2. Select the desired user and go to the detail page.
  3. Click on "User logs". The resulting table will exclusively display log events performed and triggered by that particular user.

Audit logs related to specific user

FAQs

I'm using self-hosted Logto and it takes seconds to get the audit logs, how can I improve the performance?

OSS users should add cronjob to clean up out-dated audit logs regularly.