Understanding Audit Logs
Track user activity and changes in DealView with the audit log system.
Audit logs track all significant actions in DealView. Use them for security monitoring, compliance, and investigating issues.
What Gets Logged
DealView logs these activities:
Authentication
- User login and logout
- Failed login attempts
- Password changes
- MFA enrollment/changes
Contract Actions
- Contract uploads
- Contract deletions
- Contract updates
- AI analysis requests
- Export and downloads
User Management
- User invitations
- Role changes
- Permission updates
- User removal
Settings Changes
- Workspace settings
- Integration connections
- Workflow modifications
- Security setting changes
API Activity
- API key creation/rotation
- API requests (by key)
- Rate limit events
Audit logs are retained for 90 days on Standard plans and 1 year on Enterprise plans.
Accessing Audit Logs
- Go to Settings > Security
- Click Audit Log
- View recent activity
Requires admin access to view logs.
Log Entry Details
Each log entry includes:
| Field | Description |
|---|---|
| Timestamp | When the action occurred |
| User | Who performed the action |
| Action | What was done |
| Resource | What was affected |
| IP Address | Request origin |
| Details | Additional context |
Filtering Logs
Find specific events:
By Date Range
- Last 24 hours
- Last 7 days
- Last 30 days
- Custom range
By Action Type
- Authentication events
- Contract actions
- User management
- Settings changes
By User
Search for activity by specific user.
By Resource
Filter to specific contract or workspace.
Searching Logs
Use the search bar to find:
- Specific user emails
- Contract names
- Action types
- IP addresses
Exporting Logs
Download logs for external analysis:
- Apply desired filters
- Click Export
- Choose format (CSV or JSON)
- Download file
For compliance audits, export logs covering the audit period and include all action types.
Common Use Cases
Security Investigation
Find unauthorized access:
- Filter by failed logins
- Look for unusual IPs
- Check for off-hours activity
- Review permission changes
Compliance Audit
Prove access controls:
- Export user management events
- Show who has access to what
- Document permission changes
- Demonstrate security controls
Troubleshooting
Understand what happened:
- Search for specific resource
- View all related actions
- Check timestamps
- Identify root cause
Audit Log API
For Enterprise plans, access logs programmatically:
GET /api/v1/audit/log
Filter with query parameters for date, action type, user, etc.
Best Practices
- Review regularly - Check logs weekly for anomalies
- Export periodically - Archive logs before retention expires
- Investigate promptly - Don't ignore suspicious activity
- Document findings - Record security investigations