Skip to main content
CCendaro
Book a Demo

Guide

How to view audit logs

Use Admin HQ Compliance to review operational audit evidence without exposing full customer conversations.

Updated 2026-05-02For Owner, Manager

Admin HQ Compliance includes Audit Logs for internal review of key actions across workspaces. Operators can see action, actor, workspace, entity, and creation time, then cross-check related message, AI, consent, privacy, or billing records.

Open Audit Logs

From Admin HQ, open Compliance or go to /admin/compliance. The Audit Logs section is the internal operator table for reviewing operational evidence across workspaces.

Use audit logs to understand who or what triggered an important action. Use the related product records to understand the full business context.

What the table shows

  • Action, such as lead_created, sms_blocked, ai_reply_generated, privacy_request_created, legal_terms_accepted, workspace_settings_updated, or workspace_user_invited.
  • Actor, which may be a user reference or system when the action was automated.
  • Workspace, when the action belongs to a specific workspace.
  • Entity, which combines the entity type and entity reference when available.
  • Created date, which shows when the audit record was written.

What audit logs are for

Audit logs are for accountability and investigation. They help operators answer which action happened, when it happened, which workspace or entity it touched, and whether a user or system process triggered it.

They are not a replacement for Message Events, AI Events, Privacy Requests, Consent Logs, Legal Acceptances, or billing records. Those tables hold the detailed evidence for each domain.

What should stay out of audit logs

Do not use audit logs to duplicate full SMS, email, AI output, customer notes, payment details, or sensitive privacy request details. Audit records should stay minimal and should point operators toward the correct related evidence.

If before_json or after_json exists, treat it as sensitive operational metadata. Review only what is needed for the support, privacy, security, or launch-readiness question.

When to investigate

  • A workspace owner reports that a setting, role, billing state, lead, booking, or message changed unexpectedly.
  • A send was blocked or an AI reply was used and the operator needs to understand the triggering workflow.
  • A privacy request, legal acceptance, invitation, or workspace membership action needs evidence.
  • A launch review needs proof that key controls are writing operational audit records.
  • A support or security review needs to separate user activity from automated system activity.

Safe operating habits

  1. 1Confirm the workspace reference before responding to an operator or owner question.
  2. 2Check whether the actor is a real user or system automation.
  3. 3Avoid exporting audit data unless a support, privacy, legal, or security workflow requires it.
  4. 4Do not paste full customer conversations into follow-up notes.
  5. 5If the action looks suspicious, preserve the audit record and escalate before changing related data.

Was this article helpful?

Your answer helps Cendaro improve launch documentation.