View the system audit log
The System Audit Log is the operational record of who signed in, who changed accounts and roles, what settings were updated, and when the server started or stopped. Open it to investigate a sign-in problem, confirm an account change, or review configuration activity.
This is not the per-record change history for your domain data. To see who edited a Site, Sample, or Lab Report, use Activity Hub → Audit Log instead. The two logs live in separate databases and answer different questions — see Aggregates, locking, and auditing for the distinction.
- Role required: Administrator. The System Audit Log opens only for the Administrator role.
Steps
-
Go to Administration → System Audit Log. The page opens to the most recent events, newest first.
-
Read the grid. Each row is one event with these columns:
Column What it shows Time When the event occurred Category The event group — for example Authentication or Configuration Event The specific event type, such as Login or Setting Updated Result The outcome — Success, Failure, Blocked, Timeout, Partial Success, or Unknown User The actor (display name, falling back to the user ID) Description A one-line summary of what happened -
Select any row to open the full entry. The detail view adds the IP address, user agent, request ID, correlation ID, affected entity, structured additional data, and error details when present.
-
Sort, search, and export from the grid toolbar. Sorting, the search box, and paging all run on the server, so they apply across the whole log — not just the rows on screen. Export downloads the full filtered set as XLSX or CSV. The grid shows Time in your local time zone; the exported Time (UTC) column is in UTC, so the file reads consistently wherever it is opened.
Filter the log
The grid loads events on demand from the server and pages through the entire log — there is no row cap, so older events are always reachable by paging or filtering. Use the toolbar page-size selector to change how many rows load at a time. Use the filter to scope the feed before you page or search.
-
Select Filters in the grid toolbar. The Filter Audit Log dialog opens.
-
Set any of these criteria:
Field What to enter Category One event group (see the table below) Result One outcome value Event One specific event type User ID An exact user ID match From / To The start and end of a date range Failures only (Failure, Blocked, Timeout) Limit to non-success events -
Select Apply. Active filters appear as chips above the grid; remove one with its ×, or select Clear all to reset.
Event categories
The System Audit Log groups events into categories. In this release, Erde records events in four of them; the remaining categories are reserved and stay empty until their features ship.
| Category | Records in this release |
|---|---|
| Authentication | Sign-in and sign-out, password changes and resets, account lock and unlock, token revocation and misuse, and single sign-on events |
| User Management | Creating, updating, and deleting users; assigning and removing roles; admin password resets; and users updating their own profile |
| Configuration | System setting updates and rejected setting changes (encrypted values are recorded as [REDACTED]) |
| System | Server start and shutdown, and completion of first-run setup |
| Database Management | Reserved — no events yet |
| Security | Reserved — no events yet |
| Background Tasks | Reserved — no events yet |
| Maintenance | Reserved — no events yet |
| Backup Management | Reserved — no events yet |
Result
You see the matching events newest first. Each row identifies the actor, the event, and its outcome; selecting a row opens the full entry, including the originating IP address and request and correlation IDs for tracing.
Troubleshooting
| Symptom | Cause | Resolution |
|---|---|---|
| The page does not appear under Administration | You are not an Administrator | The System Audit Log is Administrator-only; sign in with an account that has the Administrator role |
| There are more events than fit on one page | The log is large | Move through pages with the pager, or narrow the date range or add a Category, Event, or Result filter; the grid pages the full log server-side, so nothing is hidden |