मुख्य कंटेंट तक स्किप करें

Audit Logs

Track every significant action across your platform with Testify's comprehensive audit trail, including AI decision explainability.

Overview

The audit log system records events across all components of Testify -- from user logins and exam submissions to AI-generated questions and billing transactions. Super admins see logs across all organizations, while org admins see only their organization's activity.

Audit Logs Dashboard

Accessing Audit Logs

  1. Navigate to "Admin" > "Audit Logs"
  2. The main view shows a paginated list of recent events
  3. Each log entry includes:
    • Event name and description
    • Component (e.g., Auth, Exams, Questions, AI)
    • Action performed (create, read, update, delete)
    • User who performed the action
    • Object type and ID affected
    • Severity level
    • Timestamp
    • Whether AI was involved

Filtering Audit Logs

Use the filter controls at the top of the audit log page to narrow down results.

Available Filters

  1. By User -- enter a user ID to see all actions by a specific user
  2. By Component -- filter by system component (Auth, Exams, Questions, AI, Billing, etc.)
  3. By Action -- filter by action type (create, read, update, delete)
  4. By Object Type -- filter by the type of object affected (exam, question, user, etc.)
  5. By Severity -- filter by severity level (INFO, WARNING, CRITICAL)
  6. By Date Range -- set start and end dates to view a specific time period
  7. By Event Name -- search for a specific event name
  8. By AI Involvement -- toggle to show only AI-related events
  9. By Organization -- super admins can filter by organization
  10. Search -- free-text search across event metadata

Applying Filters

  1. Click the "Filters" panel at the top of the audit log page
  2. Set your desired filter values
  3. Click "Apply Filters"
  4. The log list updates to show matching entries
  5. Click "Clear Filters" to reset

Tip: Combine multiple filters for precise results. For example, filter by Component = "AI" and Severity = "CRITICAL" to find AI failures.

Viewing Log Entry Details

  1. Click on any log entry in the list
  2. The detail view shows:
    • Full event metadata
    • User email and name
    • IP address (if recorded)
    • Role at the time of the action
    • CRUD operation type
    • Complete metadata JSON
  3. If AI was involved, the detail view also shows:
    • AI model used
    • AI job ID
    • Decision rationale
    • Confidence score
    • Tokens used
    • Latency in milliseconds

Log Entry Detail

Viewing User Activity Timeline

Track all actions performed by a specific user.

  1. Go to "Admin" > "Audit Logs"
  2. Click "User Activity" tab
  3. Enter the user's ID or select from the dropdown
  4. The timeline shows up to 200 recent events for that user, including:
    • Logins and logouts
    • Exams created or taken
    • Questions added or modified
    • AI features used
    • Settings changed

Tip: Use the user activity timeline during investigations to reconstruct what a user did and when.

Viewing Object History

See the complete audit trail for any specific object (exam, question, user, etc.).

  1. Go to "Admin" > "Audit Logs" > "Object History" tab
  2. Select the "Object Type" (e.g., exam, question, user)
  3. Enter the "Object ID"
  4. The history view shows every action performed on that object, in reverse chronological order

This is useful for tracking the lifecycle of an exam from creation through publication to grading.

AI Decision Audit Trail

Testify logs all AI operations with explainability data for transparency and compliance.

Viewing AI Events

  1. Go to "Admin" > "Audit Logs" > "AI Events" tab
  2. The AI events list shows all AI-involved operations with:
    • AI model used (Gemini, OpenAI, DeepSeek, Claude, etc.)
    • Object type affected
    • User who triggered the operation
    • Confidence score
    • Tokens consumed
    • Latency

Filtering AI Events

  1. By Model -- see events for a specific AI provider
  2. By Object Type -- filter by what the AI operated on (question, explanation, etc.)
  3. By Date Range -- narrow to a specific time period

Viewing AI Explainability Details

  1. Click on an AI event in the list
  2. The explainability view shows:
    • Input Summary -- what was sent to the AI model
    • Output Summary -- what the AI returned
    • Decision Rationale -- why the AI made its decision
    • Confidence Score -- how confident the AI was (0-100%)
    • Tokens Used -- total tokens consumed
    • Latency -- response time in milliseconds
  3. Related events are shown below, showing the full AI job timeline

Viewing AI Job Details

  1. Go to "Admin" > "Audit Logs" > "AI Events"
  2. Click on an AI event
  3. Click "View Full Job" to see the complete job timeline
  4. The job view shows:
    • Job ID
    • Explainability record
    • All events associated with this AI job in chronological order
    • A visual timeline of the job's lifecycle

Audit Statistics Dashboard

Get a high-level overview of audit activity.

General Statistics

  1. Go to "Admin" > "Audit Logs" > "Statistics" tab
  2. Configure the time period (default: 30 days)
  3. The dashboard shows:
    • Total Events -- number of logged events
    • Critical Events -- count of critical-severity events
    • Warning Events -- count of warning-severity events
    • AI Events -- number of AI-involved operations
    • Unique Users -- number of distinct users who generated events
    • Active Days -- number of days with activity
  4. Additional charts display:
    • Events by component (bar chart)
    • Daily event trend (line chart with AI overlay)
    • Top 10 most frequent events
    • Recent critical events list

Audit Statistics

AI-Specific Statistics

  1. Navigate to the "AI Stats" sub-tab
  2. View AI usage broken down by:
    • Model -- usage count per AI provider, with average tokens
    • Object Type -- what AI is being used for most
    • Daily Trend -- AI usage over time

Tip: Monitor AI statistics to optimize your AI provider configuration and control token costs.

Exporting Audit Logs

Export logs as CSV for compliance, reporting, or external analysis.

  1. Go to "Admin" > "Audit Logs"
  2. Click "Export"
  3. Set the date range:
    • "Start Date" -- beginning of the export period (defaults to 30 days ago)
    • "End Date" -- end of the export period (defaults to today)
  4. Click "Download CSV"
  5. The CSV file includes:
    • Event ID, name, component, action
    • Object type and ID
    • User ID and email
    • Organization ID
    • Role at time of action
    • CRUD type and severity
    • AI involvement details (model, job ID)
    • IP address
    • Timestamp

Tip: Exports are limited to 10,000 entries and 90 days maximum. For larger exports, use multiple date ranges.

Scope and Visibility

Super Admin View

Super admins see all audit logs across every organization. They can filter by organization to narrow the view.

Org Admin View

Org admins see only their organization's logs. The system automatically filters events to the admin's tenant, so there is no risk of cross-tenant data exposure.

Troubleshooting

No Logs Appearing

  • Ensure you have the correct role (Admin or Super Admin)
  • Check your date range filters -- logs may be outside the selected period
  • Verify the audit logging service is running (check server logs for errors)

Export Produces Empty File

  • Verify there are logs matching your date range and filters
  • Try expanding the date range
  • Check that the export endpoint is accessible (network issues)

AI Events Not Showing Explainability

  • Not all AI operations generate explainability records
  • Older AI events may lack explainability data if the feature was added later
  • Check that the AI explainability table has been migrated