# Audit Logs
Audit-Logs are essential for teams that require **security visibility**, **compliance readiness**, and **operational accountability** β especially when managing multiple environments (e.g., Development, Staging, Production).
Audit Logs provide a **detailed record** of everything that Users do in your Lowcoder environment. They help you:
* **Trace Lowcoder App Developer behavior** for security monitoring
* **Meet compliance standards** (e.g., SOC2, ISO27001)
* **Investigate changes or issues** with full contextual data
* **Understand how apps and resources are being managed**
.png?alt=media&token=8e5c9f25-4cfb-4e23-8671-1fe8ec746dcb)
### Tracked Events
Lowcoder logs all critical operations, including authentication, app interactions, resource management, and system-level actions.
#### π User Sessions
* Sign in
* Logout
#### 𧩠App Operations
* View app
* Create new app
* Update app
* Delete app
* Move app to folder
* Move app to Trash
* Restore app
#### π Folder Operations
* Create new folder
* Update folder
* Delete folder
#### π Data Query Activity
* Execute data query
#### π₯ User Group Management
* Create user group
* Update user group
* Delete user group
* Add group member
* Remove group member
* Update member role
* Leave user group
#### π οΈ Platform/System
* Server startup
#### π Data Source Management
* Create data source
* Update data source
* Delete data source
* Grant permission
* Update permission
* Delete permission
#### 𧱠Library Queries
* Create library query
* Update library query
* Delete library query
* Publish library query
### What Data Is Logged?
Each audit entry records the **who**, **what**, **when**, **where**, and **how** of the event.
#### π Metadata Collected:
| Field | Description |
| ------------------------------------ | --------------------------------------------------------- |
| **Event ID** | Unique ID for the log entry |
| **Event Time** | Timestamp of the action |
| **Event Type** | Type of action (from the list above) |
| **User ID** | Identifier of the acting user |
| **Organization ID** | Context in which the action took place |
| **Application ID** | Related app (if applicable) |
| **Details** | Description of what was changed (e.g., old and new names) |
| **Geolocation** | Location data derived from IP |
| **User Agent Data** | Full client fingerprint, including: |
| β Name, Device Class, Brand | |
| β OS name and version | |
| β Browser engine and version | |
| β Webview container info (if mobile) | |
This ensures **maximum traceability** and **complete accountability**.
### Multi-Environment Support
When running multiple Lowcoder environments via the Enterprise βStagingβ setup, all audit logs are **centralized** β enabling you to:
* View logs **across environments**
* Compare activity **between Dev, Staging, and Prod**
* Maintain a **single pane of glass** for security audits
### Exploring Audit Logs in the UI
Lowcoder Enterprise offers a **dedicated Audit Log UI**, where administrators can:
* Use filters to drill down by:
* **Environment**
* **Workspace**
* **User**
* **Apps**
* **Event Type**
* **Time range**
* View a **bar chart** for quick visual overview of activity volume
* Inspect a **detailed table** of events
* **Expand any row** to see the full event payload, including:
* Metadata
* Device + browser info
* Action-specific details
This gives you a **high-resolution view** of every interaction.
.png?alt=media&token=6ef13491-0310-409c-8c0f-a531a9f61082)
**Event Details Page :**
Each Event has an Event details page, which include all the information about the Event, User's location and device/OS/Browser information.
.png?alt=media&token=6e068502-0643-42f9-8fa9-0defef37b4da)