Review Activity Logs
Activity Logs help the owner investigate recorded access and business actions, including successes, failures and denied attempts where the workflow writes an audit event.
Filter the log
Section titled “Filter the log”- Open Administration → Activity Logs.
- Start with the default 30 Days view or choose another preset/custom range.
- Filter by actor name/email, role, module, action, status or location.
- Add IP address or keyword only when needed.
- Open the matching row’s details drawer.
- Compare the recorded time, actor, target, location, status and customer-safe context with the source record.
The details can include action metadata and old/new values when the source workflow recorded them. Activity Logs do not provide a customer-facing export and should not be treated as a complete forensic or accounting archive.
Useful investigations
Section titled “Useful investigations”- unexpected login-detail or permission changes;
- user invitation, password reset or access denial;
- leave approval and payroll creation/finalization/payment status;
- subscription plan changes;
- Global Search result opening;
- business record actions that explicitly write an audit event.
For notification delivery, use Notification Centre logs. For payroll changes, also use the selected payroll run’s Audit tab. For imports, open the individual import job record.
Interpret results safely
Section titled “Interpret results safely”An absent event does not prove that nothing happened; not every screen records the same audit detail. IP address, actor label and metadata are investigation clues, not proof of a person’s intent. Confirm the underlying record and speak to the authorised user before making access changes.
Last reviewed:
