Audit Log
Audit Log
What is the Audit Log?
The Audit Log gives you a detailed record of every important action that happens in your AutoPhish account. It shows what happened, when it happened, and who did it — giving your team full visibility and supporting your compliance requirements.
All events are recorded automatically. The log is read-only — entries cannot be edited or manually deleted.
Where to find it
Go to Settings → Audit Log in the sidebar navigation.
Who can access it
Role | Access |
|---|---|
User | View audit log for their own company |
Admin | View audit log for their own company |
What events are tracked
The audit log captures events across the entire platform, organized into the following categories:
Authentication
Login, logout, failed login attempts, password changes, password resets, user registration, email verification, and invitations.
Company
Company creation and updates, adding or removing members, role changes, ownership transfers, and switching between companies.
Campaigns
Creating, editing, deleting, sending, and executing campaigns. Also includes pausing, resuming, and approval workflows for recurring campaigns.
Target Lists
Creating, updating, deleting target lists, and importing targets.
Domain & Email Verification
Requesting and completing email/domain verification, adding or removing monitored domains, and DNS scan results.
Security
Starting and completing vulnerability scans, and dismissing security findings.
Billing
Subscription creation, plan changes, cancellations, and checkout sessions.
Education
Training account provisioning in the Training Platform and course completions.
Admin
Platform-level actions such as changing user roles, deleting users or companies, updating platform settings, and managing subscription plans.
System
Automated events like scheduled cleanup runs and cron job executions.
Filtering and searching
The audit log provides several ways to find the events you're looking for:
- Date range — Select a start and end date to narrow results to a specific time period.
- Category — Filter by event category (e.g. Authentication, Campaign, Billing).
- Search — Free-text search across event descriptions.
Filters can be combined to drill down to exactly the events you need.
Understanding the log entries
Each entry in the audit log shows:
Column | What it shows |
|---|---|
Time | When the event occurred |
Actor | Who performed the action (email address, or "System" for automated events) |
Event | The type of event, shown as a color-coded badge |
Description | A plain-language summary of what happened |
IP Address | The IP address the action originated from |
Details | Click to expand and see additional metadata about the event |
The expanded details view shows structured event data, the affected resource (with a link to it where applicable), and the full browser user agent string.
Exporting the audit log
Click the Export CSV button to download the current filtered view as a CSV file. The export respects all active filters (date range, category, search), so you can export exactly the data you need for compliance reporting or internal reviews.
Data retention
Audit log entries are automatically cleaned up after a configurable retention period. The default retention is 60 days.
Once the retention period expires, entries are permanently deleted during the daily automated cleanup.
Event category color reference
Events are color-coded for quick visual scanning:
Category | Color |
|---|---|
Authentication | Blue |
Campaign | Orange |
Company | Green |
Domain | Purple |
Security | Red |
Billing | Yellow |
Education | Teal |
Admin | Gray |
System | Slate |
Target Lists | Indigo |
Frequently asked questions
Can I delete or modify audit log entries?
No. The audit log is append-only by design. Entries can only be removed by the automated retention cleanup.
Why don't I see events from other companies?
The audit log is scoped to your active company. You will only see events that belong to the company you're currently working in.
How quickly do events appear?
Events are recorded in near real-time. They should appear in the log within seconds of the action being performed.
Updated on: 20/02/2026
Thank you!