Audit Logging
A complete record of every security-relevant action in your organization. Know who did what, when, and from where — with full traceability from login to logout.
mike@acmeplumbing.com · 2 min ago
owner@acmeplumbing.com · 14 min ago
unknown@example.com · 28 min ago
owner@acmeplumbing.com · 1 hr ago
sarah@acmeplumbing.com · 3 hr ago
Full visibility into every action
Every security-relevant event is captured automatically. No configuration needed — audit logging starts the moment the feature is enabled.
Authentication Tracking
Login successes, failures, logouts, and token refreshes — all recorded with timestamps and source details.
Account Lifecycle
Creation, activation, deactivation, locking, and deletion events are logged with full actor context.
Role & Permission Changes
Track every role assignment and view permission change with before-and-after values.
IP & Device Capture
Every event includes the originating IP address, user agent, and a correlation ID for request tracing.
Preserved Identity
Actor email addresses are stored at event time. Even if an account is later renamed, the history remains accurate.
Change Tracking
Old and new values are stored as structured data for role changes, status updates, and permission modifications.
Every critical event, captured automatically
From login attempts to role changes, the audit log records 17 distinct event types across authentication, account management, and access control.
Authentication
- Login success
- Login failure
- Logout
- Token refresh
Password & Security
- Password change
- Password reset request
- Password reset complete
- Password setup
Account Management
- Account created
- Account activated
- Account deactivated
- Account locked
- Account deleted
Access Control
- Role changes
- View assignments
Prioritize what matters
Every audit event is tagged with a severity level so you can filter noise and focus on the events that need attention.
Debug
Verbose events for deep investigation
Info
Normal operations like logins and logouts
Warning
Failed attempts and unusual activity
Critical
Account deletions, lockouts, and breaches
Login Failed
Authentication
Actor
unknown@example.com
Actor Role
N/A — Unauthenticated
Target User
mike@acmeplumbing.com
IP Address
192.168.1.47
User Agent
Chrome 121 / macOS 14.3
Correlation ID
req_7f3a9c2b-e41d
Timestamp
Feb 7, 2026 09:14:23 UTC
Failure Reason
Invalid password — 3rd attempt in 5 minutesEvery detail you need to investigate
Each audit entry captures the full context of the event — who acted, who was affected, where the request came from, and what changed. Historical email addresses are preserved even after account updates.
Actor identity and role
Who performed the action, their email at the time, and their role within the system.
Target user context
When an action affects another user, the target is recorded alongside the actor.
Network and device details
IP address, user agent string, and a unique correlation ID for each request.
Before and after values
Structured JSON captures old and new values for any change — roles, permissions, and status.
Failure reasons
When an event fails, the reason is captured for later review and pattern detection.
Built for review, not just recording
Audit logs are only useful if you can find what you need. Search, filter, and review entries directly from the admin panel.
Search and filter
Find entries by actor, event type, severity, date range, or target user. Narrow down to exactly what you need.
Sortable log viewer
Review events in a dedicated admin panel with sortable columns and expandable detail rows.
Export to CSV
Download filtered audit data for external analysis, compliance reporting, or record keeping.
Part of a secure foundation
Audit logging works alongside Pillar's broader security and compliance features.
Available on the Enterprise plan
ProAudit logging is part of the Enterprise tier alongside project management, contracts, job dependencies, API access, and advanced Twilio integrations. Start with a 14-day free trial that includes every feature.
See audit logging in your demo
Walk through the audit log with our team — we will show you how every event is captured, how to investigate incidents, and how the log fits your compliance needs.