Audit Log
The Report Forge audit log records every action taken on blueprints, editions, outputs, and workspace configuration. It is the authoritative record for compliance reviews, dispute resolution, and security investigations.
Access: Workspace Settings → Audit Log (Workspace Admin only).
What is logged
Blueprint events
| Event | Fields recorded |
|---|---|
| Blueprint created | User, timestamp, blueprint name |
| Blueprint design changed | User, timestamp, changed field/section (summary) |
| Blueprint published | User, timestamp, version number, version note |
| Blueprint archived | User, timestamp |
| Blueprint restored | User, timestamp |
| Blueprint deleted | User, timestamp |
Edition events
| Event | Fields recorded |
|---|---|
| Edition created | User, timestamp, edition name, blueprint |
| Edition data saved | User, timestamp, section modified, field count changed |
| Edition submitted | User, timestamp |
| Edition recalled | User, timestamp |
| Edition comment added | User, timestamp, comment level (field/section/edition), field path |
| Edition changes requested | User, timestamp, open comment count |
| Edition resubmitted | User, timestamp |
| Edition approved | User, timestamp |
| Edition closed | User, timestamp |
| Edition assignee changed | User, timestamp, old assignee, new assignee |
| Edition re-opened | User, timestamp, from status |
Output events
| Event | Fields recorded |
|---|---|
| Output generated | User, timestamp, output template name, format |
| Output downloaded | User, timestamp, format |
| Scheduled export completed | Timestamp, format, delivery status |
| Scheduled export failed | Timestamp, error code |
Access and team events
| Event | Fields recorded |
|---|---|
| Member invited to project | Inviting user, timestamp, invited email, role |
| Member role changed | User, timestamp, changed member, old role, new role |
| Member removed from project | User, timestamp, removed member |
| Member added to workspace | User, timestamp, email |
| Member removed from workspace | User, timestamp |
Configuration events
| Event | Fields recorded |
|---|---|
| Workspace settings changed | User, timestamp, setting name, old value, new value |
| Data connection created | User, timestamp, connection name, type |
| Data connection credentials updated | User, timestamp |
| Data connection deleted | User, timestamp |
| API key created | User, timestamp, key name, scope |
| API key revoked | User, timestamp, key name |
| Notification settings changed | User, timestamp |
Viewing the audit log
Workspace-level log
- Go to Workspace Settings → Audit Log.
- The log shows all events across all projects in the workspace, newest first.
- Use filters to narrow results (see below).
Project-level log
- Open a project → Project Settings → Audit Log.
- Shows only events for this project's blueprints and editions.
Edition-level activity log
- Open any edition → Activity log (right panel).
- Shows the lifecycle and comment history for this specific edition.
- This is the primary view for reviewers and contributors — the workspace audit log is for admins only.
Filtering the audit log
| Filter | Options |
|---|---|
| Date range | From / To date picker |
| Event type | Blueprint, Edition, Output, Access, Configuration (multi-select) |
| User | Filter by specific user name or email |
| Project | Filter by project (workspace-level log only) |
| Blueprint | Filter by blueprint name |
| Edition | Filter by edition name |
| Status | Success / Failed (for output and sync events) |
Combine filters: date range + user + event type is the most common combination for security reviews.
Exporting the audit log
- Apply any required filters.
- Click Export → CSV.
- The CSV contains all visible log entries with full field details.
CSV columns:
Timestamp, Event type, User, User email, Project, Blueprint, Edition, Detail, IP address (if enabled)
The CSV is suitable for import into Excel, Splunk, or other log analysis tools.
Audit log exports are limited to 50,000 rows per export. For larger date ranges, export in segments (e.g. monthly exports).
Common audit scenarios
Scenario 1 — Who approved a specific edition?
- Go to Audit Log.
- Filter: Event type = Edition, Event = "Edition approved".
- Search for the edition name.
- The log shows the approving user, their email, and the timestamp.
Scenario 2 — What changed in an edition before approval?
- Open the edition → Activity log.
- Filter by Data changes.
- The log shows which sections were modified, how many fields changed, and by whom.
Scenario 3 — Was an edition approved without a reviewer change?
- Filter audit log: Event type = Edition, user = the contributor (not a reviewer).
- Look for a sequence:
submitted → approvedwhere the approving user is the same as the submitting user. - This indicates self-approval — a governance violation if your policy requires separate reviewer approval.
Scenario 4 — Who accessed a confidential edition?
- Filter: Event type = Edition, Event = "Output downloaded" OR "Edition data saved".
- Filter by the specific edition name.
- Review all users who accessed the edition.
Scenario 5 — When was a blueprint structurally changed?
- Filter: Event type = Blueprint, Event = "Blueprint published".
- Filter by blueprint name.
- Each publish event shows the version number and the version note entered by the designer.
Data retention
| Log type | Retention period |
|---|---|
| Edition events | Retained indefinitely (linked to edition record) |
| Blueprint events | Retained indefinitely |
| Access events | Retained for 3 years (default) |
| Configuration events | Retained for 3 years (default) |
| Output events | Retained for 3 years (default) |
Retention periods can be configured for compliance requirements. Contact Kazinex support to adjust retention settings beyond the defaults.
Privacy considerations
The audit log records user identities (name and email) for all actions. This is necessary for accountability and compliance.
Access controls:
- Only Workspace Admins can view the workspace-level audit log.
- Project Admins can view the project-level audit log.
- Standard members (contributors, reviewers) can view the edition-level activity log for editions they are assigned to — they cannot see who performed actions they were not involved in.
Data subject requests: If a member requests deletion of their personal data (right to erasure under privacy regulations), the audit log entries cannot be deleted — they form part of the accountability record. The member's email and name may be anonymised in the log upon request, subject to Kazinex's data processing agreement.
What's next
- Reporting Governance — governance policy and responsibility matrix
- API Access — exporting audit log data via API
- Team Roles — who has access to which log views