The Audit Trail page provides a comprehensive, tamper-evident log of every action performed within the Venvera platform. Every creation, modification, deletion, login, and export event is automatically recorded with full context, including who performed the action, when it occurred, what was changed, and the before and after values for updates. The audit trail supports regulatory compliance requirements for traceability and accountability under DORA, NIS2, ISO 27001, GDPR, and the AI Act.
Access to the Audit Trail requires the
audit_trail.view permission. All users with this permission can view audit entries for their own organization. Platform administrators additionally see a cross-tenant view with an Organization column.
Overview Statistics
At the top of the Audit Trail page, three summary statistics cards provide an at-a-glance overview of audit activity:
| Statistic | Description |
|---|---|
| Total Entries | The total number of audit log entries recorded for your organization across all time. This count reflects the filtered results when filters are applied. |
| Today | The number of audit entries recorded today (based on UTC time). Provides a quick indicator of current-day activity levels. |
| This Week | The number of audit entries recorded in the current calendar week (Monday through Sunday). Useful for spotting unusual activity spikes. |
Filter Controls
The Audit Trail provides a robust set of filters to help you locate specific events. All filters can be combined simultaneously and are applied in real time as you adjust them.
| Filter | Type | Options | Description |
|---|---|---|---|
| Module Optional | Dropdown | All Modules, ICT Providers, Contracts, Functions, Incidents, Policies, Risk Assessments, Gap Assessments, Resilience Testing, Regulatory Updates, Users, Settings, Processing Activities, AI Systems, and others depending on enabled frameworks | Filters entries to show only actions performed within the selected module. When set to "All Modules," entries from every module are displayed. |
| Action Optional | Dropdown | All Actions, Created, Updated, Deleted | Filters entries by the type of action performed. "Created" shows new record creations, "Updated" shows modifications to existing records, and "Deleted" shows record removals. |
| Date From Optional | Date picker | Any date | Sets the start of the date range filter. Only entries on or after this date are shown. The date format follows your organization's configured date format preference (DD/MM/YYYY, MM/DD/YYYY, or YYYY-MM-DD). |
| Date To Optional | Date picker | Any date | Sets the end of the date range filter. Only entries on or before this date are shown. Must be equal to or later than the Date From value. |
| Search Optional | Text input | Free text | Searches across user names, email addresses, record identifiers, and module names. Useful for locating actions by a specific user or on a specific record. The search is case-insensitive and matches partial strings. |
To investigate a specific incident or change, combine the Module filter with a Date Range to narrow results quickly. For example, select "Incidents" module with a date range covering the incident's timeline.
Audit Entry Format
Each audit trail entry is displayed as a row in the log table with the following columns:
| Column | Description |
|---|---|
| Timestamp | The exact date and time the action was performed, displayed in your organization's configured date format with full time precision (HH:MM:SS). Timestamps are recorded in UTC and displayed in the user's local timezone. |
| User | The full name of the user who performed the action, with their email address displayed below in smaller text. System-initiated actions (e.g., automated workflows) are attributed to "System." |
| Action | A colour-coded badge indicating the type of action:
|
| Module | The platform module where the action occurred (e.g., ICT Providers, Incidents, Policies, Gap Assessments). |
| Record ID | The unique identifier of the affected record. This can be used to cross-reference with the module's data. For login events, this shows the session identifier. |
| Changes | A numeric count indicating how many fields were modified in this action. For Create actions, this represents the number of fields populated. For Delete actions, this represents the number of fields in the deleted record. Click the entry row to expand and view the full change details. |
| Organization (Platform Admin only) | When viewing the audit trail as a platform administrator, an additional Organization column appears showing the tenant organization name for each entry. This enables cross-tenant audit review without switching context. |
Expanded Entry Details
Clicking on any audit trail entry row expands it to reveal the full details of the change. The format of the expanded view differs based on the action type:
Create Actions
When a record is created, the expanded view shows the complete record as it was created. All populated fields are displayed in a structured list showing the field name and its initial value. This provides a complete snapshot of the record at the time of creation, which is useful for verifying initial data entry accuracy.
Update Actions
When a record is updated, the expanded view shows a before-and-after comparison for each modified field. Each changed field is displayed with its previous value (struck through or in a "before" column) and its new value (highlighted or in an "after" column). Only fields that actually changed are shown; unchanged fields are omitted to keep the view focused. This side-by-side comparison makes it straightforward to understand exactly what was modified and by whom.
Delete Actions
When a record is deleted, the expanded view shows the complete record as it existed immediately before deletion. All fields and their values are displayed, providing a full snapshot that can be referenced if the deletion needs to be investigated or the data needs to be restored.
Audit trail entries cannot be edited or deleted by any user, including platform administrators. This immutability ensures the integrity of the audit log for regulatory compliance purposes. Entries are retained in accordance with your organization's data retention policy.
Pagination
The audit trail displays 50 entries per page. When the total number of entries (after filtering) exceeds 50, pagination controls appear at the bottom of the table. You can navigate between pages using the Previous and Next buttons, or jump to a specific page. The current page number and total page count are displayed between the navigation buttons.
Using the Audit Trail
Open the sidebar and click Audit Trail under the Reports & Settings section. The page loads with all audit entries displayed, most recent first, alongside the summary statistics.
Use the filter controls at the top of the page to narrow the displayed entries. Select a Module to focus on a specific area, choose an Action type, set a Date Range, or enter a search term. Filters are applied immediately.
Scan the audit log entries in the table. Review the timestamp, user, action badge, module, and changes count for each entry. Entries are ordered chronologically with the most recent action at the top.
Click on any entry row to expand it and view the full change details. For updates, review the before/after field comparison. For creates and deletes, review the complete record snapshot.
If the filtered results span multiple pages, use the pagination controls at the bottom to move between pages. Each page shows up to 50 entries.
Platform Administrator View
Platform administrators have an enhanced view of the audit trail that spans all tenant organizations. The key differences are:
- An additional Organization column is displayed, showing the tenant name for each audit entry
- All filters apply across all tenants, enabling cross-organization investigation
- The summary statistics (Total Entries, Today, This Week) reflect all tenants combined
- The Search filter can be used to locate entries by organization name
The audit trail supports compliance with DORA Article 11 (ICT-related incident management process logging), ISO 27001 Annex A control A.8.15 (Logging), GDPR Article 30 (records of processing activities), and NIS2 Article 21 requirements for accountability and traceability. Maintaining a complete, immutable audit trail is a fundamental control for demonstrating compliance to auditors and regulators.
Frequently Asked Questions
How long are audit trail entries retained?
Audit trail entries are retained indefinitely by default. Your organization's data retention policy may specify a retention period, which can be configured by the platform administrator.
Can I export the audit trail?
The audit trail export functionality allows you to download filtered results. Use the filters to select the entries you need, then use the export action. The export itself is recorded as an audit event.
Why do I see "System" as the user for some entries?
Entries attributed to "System" represent automated platform actions, such as scheduled synchronizations, automated status transitions, or system maintenance operations. These are tracked for completeness.