Skip to main content
View a searchable, filterable audit trail of all platform configuration changes made in your organization. Navigate to Settings → Log Management → System Log to open the log. Platform admin access is required.

What is logged

The System Log records every configuration change made through the Airia platform: user logins and logouts, resource creation, editing, and deletion, permission and role assignments, and policy changes. Each entry captures who made the change (the actor), the affected resource, the operation performed, and a timestamp. The System Log is distinct from SIEM Log Forwarding, which streams events to an external SIEM destination in real time.

Filtering log entries

Use the filter bar to narrow the log to the events you need.
FilterWhat it matches
Date rangeEntries within a specific time window
UserEntries from a specific actor
ProjectEntries scoped to a specific project
Resource typeThe type of entity affected — Agent, Knowledge source, Credential, Policy, and 40+ more
OperationThe action taken — Create, Edit, Delete, Login, and 60+ more
SeverityEvent severity level: Low, Medium, High, or Critical
Multiple filters combine as AND — only entries matching all active filters are shown.

Exporting log entries

Select Export CSV to download the currently filtered log entries as a CSV file, delivered as a zip archive. The export respects all active filters and the selected date range. Export is not available for users with the Read-Only Admin role.

Access

The System Log requires the System Log → Read permission. The following built-in roles include this permission by default: Platform Admin, Admin, Read-Only Admin, and Security Admin.