Audit logs give you a detailed record of activity in your Zite organization. Use them to monitor who did what and when — for security reviews, compliance, and troubleshooting.
Audit logs are available on Enterprise plans. Contact us to enable audit logs for your organization.
What’s tracked
Audit logs capture three categories of events:
Database changes
Every structural change to your Zite databases is logged, including:
- Tables — creating, renaming, deleting, restoring, duplicating, and reordering tables
- Fields — creating, renaming, changing types, deleting, restoring, and reordering fields
- Views — creating, updating, deleting, and changing view settings
- Databases — creating, deleting, copying, importing, and migrating databases
- Imports — Airtable and CSV imports
Security & authentication
- Logins — successful and failed login attempts across all methods (password, Google, Microsoft, SSO)
- Passwords & MFA — password resets, changes, MFA setup and removal
- API keys — enabling and regenerating API access
- Sessions — logouts and session invalidation
User & organization management
- Users — inviting, disabling, and changing roles for team members
- Groups — creating, renaming, and modifying group membership and access
- Organization settings — name changes, MFA requirements, and org deletion
- OAuth apps — creating, deleting, and resetting secrets for developer apps
Each event includes the timestamp, who performed the action, the resource affected, IP address, user agent, and a detailed payload with the specifics of what changed.
Viewing audit logs
Go to Settings → Audit logs in the left sidebar.
You’ll see a table of recent events with:
- Time — hover for the exact timestamp
- Actor — who performed the action and their role
- Action — the event type (e.g.,
db.table.create, auth.login.success)
- Resource — what was affected, including the database name for database events
- Outcome — whether it succeeded or failed
Click any row to open the detail drawer with the full event information, including request metadata and the raw event payload.
Filtering
Use the filter bar at the top of the page to narrow events by:
- Date range — select a start and end date
- Actor type — filter by Org Members, API Keys, or Unknown actors
- Resource type — filter by Users, Tables, Fields, Views, Databases, Groups, or Organization
Filters apply immediately. Click Load more at the bottom to page through results.
Event categories
Events are organized into these categories:
| Category | Description |
|---|
auth | Logins, logouts, password changes, MFA, SSO, sessions |
api | API key management |
developer | OAuth application management |
user | Invitations, role changes, access changes |
org | Organization-level settings |
group | Group creation, membership, and access |
db | Database, table, field, and view changes |
import | Airtable and CSV imports |
For a complete list of every event type and what data is captured, see the event types reference.
Retention
Audit log events are retained for 30 days. Events older than 30 days are automatically removed.
Actor types
Each event records who performed the action:
| Actor type | Description |
|---|
| Org Members | A logged-in user in your organization |
| API Keys | An action performed via the API with a Bearer token |
| Unknown | An unauthenticated action (e.g., a failed login attempt) |