| Field | Description |
|---|---|
| Timestamp | When the action occurred (UTC) |
| Actor | The user who performed the action |
| Action | What was done (e.g., credential.created, trigger.deleted) |
| Target | The resource that was affected |
| Workspace | The workspace where the action took place, if applicable |
Captured actions
Audit logs capture actions in these categories:- Credentials — connect, disconnect, rotate
- Triggers — create, update, delete, activate, deactivate
- Agents — install, uninstall, publish
- Integrations — create, update, publish, delete
- Members — invite, remove, role change
- API keys — create, delete