Audit Log
Governance without visibility is performative. Querri’s audit log records every security-relevant action in your organization — who did what, when, and from where — in a single, unified stream.
What’s logged
Section titled “What’s logged”Every action that touches security flows into the audit log:
Policy events
Section titled “Policy events”| Event | What happened |
|---|---|
| Policy created | A new access policy was created |
| Policy updated | A policy’s name, filter, or scope was changed |
| Policy deleted | A policy was removed |
| User assigned | A user was added to a policy |
| User removed | A user was removed from a policy |
API key events
Section titled “API key events”| Event | What happened |
|---|---|
| Key created | A new dk_ API key was created |
| Key revoked | A key was deactivated |
| Key used | A key was used to access data |
Data access events
Section titled “Data access events”Dashboard views, data queries, AI interactions, exports, and shares are all recorded with the actor’s identity and security context.
What each event contains
Section titled “What each event contains”Every audit entry includes:
- Who — the user or API key that performed the action
- What — the specific action taken
- When — timestamp of the event
- Where — client IP address
- Details — additional context, like old and new values for policy updates
Viewing the audit log
Section titled “Viewing the audit log”Go to Settings > Security > Audit Log. Events appear in reverse chronological order.
Filtering
Section titled “Filtering”Narrow down events by:
- Actor — show events by a specific user
- Target — show events for a specific policy or key
- Action type — show only specific event types
- Date range — filter by start and end dates
Compliance support
Section titled “Compliance support”The audit log is designed to support common compliance frameworks:
- SOC 2 — demonstrates access controls and monitoring
- HIPAA — tracks access to protected health information
- GDPR — provides evidence for data access requests and right-to-know inquiries
Retention
Section titled “Retention”- Default retention: 1 year (365 days)
- Extended retention: Up to 6 years for HIPAA and other regulatory requirements
- Events are automatically cleaned up after the retention period expires
A unified view
Section titled “A unified view”Unlike platforms that fragment audit data across dozens of service types or restrict it to technical admin roles, Querri provides a single audit stream covering all access methods. One place to look, accessible to any organization admin.
Next steps
Section titled “Next steps”- Access Policies — The policies that generate audit events
- API Keys — Key lifecycle events in the audit log
- Admin Controls — Organization-wide governance settings