Audit Log

The Audit Log records who changed what, and when inside a tenant. Every change to an Action, a Step, or a tenant resource such as an App, Skill, Variable, or Secret is written to a tamper-evident, append-only log that Tenant Admins can review and export. This is the trail auditors use to answer questions like "who edited this Action's prompt last quarter, and what did it say before?"

Tenant Admins open it from Tenant Admin > Audit Log.

What Gets Logged

The Audit Log is a change history, not a sign-in or activity log. It captures edits to the things a tenant configures:

• Actions — created, updated, deleted, duplicated, and imported.
• Steps — added, updated, and deleted, including small auditable fields such as a renamed branch, an added tool or input, and an output-filter change.
• Apps — created, updated, deleted, imported, and credential changes (credentials configured, credentials removed, and connecting an interactive MCP OAuth session).
• Skills — created, updated, and deleted.
• Variables and Secrets — created, updated, and deleted (see Tenant Admin > Variables & Secrets).

For Secrets and other sensitive fields, the log records that a value changed and by whom — it does not store the secret value itself.

What is not in the Audit Log

• Sign-ins and sessions. The Audit Log does not record logins, IP addresses, or user agents.
• Run executions. Use Runs and a Run's history for what happened when an Action executed; the Audit Log is about configuration changes, not runtime events.
• User and role changes. Membership and role assignments are managed in Tenant Admin > Users.
• Long free text in full. Large text such as a full prompt body is summarized as a before/after change, not stored field-by-field beyond what is needed to show what changed.

What Each Entry Contains

Every entry answers who, when, and what:

• Resource — the Action name, or the resource type and name (for example App: Microsoft Exchange - AP).
• Change type — a labelled chip such as Created, Updated, Deleted, Step Added, Step Updated, Step Deleted, Credentials Configured, or Credentials Removed.
• Step — the Step name, when the change applies to a specific Step.
• Changed by — the identity of the user who made the change (their email or display name).
• Date and time — when the change happened. The on-screen time is shown in your browser's local time zone; the CSV export uses UTC.
• Field-level detail — for updates, the changed fields with their old and new values. Text changes show an inline before/after diff; select Show diff to highlight exactly what changed.

Filtering

The Audit Log is filtered by date range:

1. Set the From and To dates.
2. Select Search.

By default the view shows the last 30 days. The header shows how many entries matched (for example, 42 entries found), and entries are listed newest first. The view loads the most recent matching entries for the range; narrow the date range to focus on a specific period.

The tenant-wide Audit Log filters by date only — there is no user, resource, or change-type filter in the view. To isolate a single user, Action, or change type, export to CSV and filter the columns in Excel, or use the per-Action Audit Timeline described below.

Per-Action Audit Timeline

To review the history of one Action without scanning the whole tenant, open that Action's Version History and switch to the Audit Timeline tab. It shows the same who/when/what change entries, scoped to that Action and its Steps. This is the quickest way to answer "what changed on this Action, and who changed it?"

Export to CSV

Select Export CSV to download the entries currently shown. The export reflects the current date-range view — what you filter is what you export.

• Format. A single .csv file that opens directly in Excel. The file is semicolon-delimited and includes an Excel hint line so columns line up automatically when opened.
• Columns. Resource, Change Type, Step, Changed By, Date, Field, Old Value, New Value.
• One row per changed field. An entry that changed three fields produces three rows that share the same resource, change type, user, and timestamp — so each before/after value sits in its own row, ready for filtering or pivoting.
• Dates. The exported Date column is in UTC (ISO 8601), so exports are unambiguous across time zones.
• File name. audit-log-<date>.csv.

To export a longer period, widen the From/To range before exporting; the export always matches what the view has loaded.

Access Control

Viewing and exporting the Audit Log require the Admin tenant role (Global Admins also have access). The same role covers both viewing and exporting — there is no separate export permission.

The Read-Only role does not grant access to the Audit Log, even though Read-Only is the role typically given to auditors and reviewers. An auditor who needs to pull the change history themselves must be given the Admin role for that tenant; otherwise, a Tenant Admin produces the export on their behalf. See Roles and Permissions for the full role breakdown.

Retention

Audit entries are kept indefinitely — Studio does not automatically purge or expire them. An Action's audit entries are removed only if the Action itself is deleted, and a tenant's entries are removed only if the tenant is deleted. For a long-term, system-independent record, export to CSV on a regular schedule and archive the files.

Worked Example: Produce All Changes to an Action for a Quarter

An auditor asks: "Show every change to the Daily Invoice Report Action in Q1 — who made each change and what changed."

1. Open the Audit Log. Go to Tenant Admin > Audit Log.
2. Set the period. Set From to the first day of the quarter and To to the last day, then select Search.
3. Export. Select Export CSV and save the file.
4. Filter to the Action in Excel. Open the CSV, turn on filtering, and filter the Resource column to Daily Invoice Report. Each row shows the change type, the Changed By user, the UTC Date, and the Old Value / New Value for the field that changed.
5. Deliver. Hand the filtered sheet to the auditor — it is the complete, attributable change history for that Action over the quarter.

For a quick on-screen check of a single Action instead of an export, open that Action's Version History > Audit Timeline.

Things to Know

• The Audit Log is a configuration change history — it records edits to Actions, Steps, Apps (including credential changes), Skills, Variables, and Secrets, not logins or run executions.
• Entries capture who, when, and the field-level before/after of what changed; secret values themselves are never stored.
• The tenant-wide view filters by date range only; default is the last 30 days, newest first.
• Export CSV exports the current date-range view as a single Excel-friendly CSV, one row per changed field, with UTC timestamps.
• Access is Admin-only (Global Admins included); the Read-Only role cannot open it.
• Entries are retained until the parent Action or tenant is deleted — there is no automatic purge, so export and archive for long-term retention.

---