Audit log
The audit log is a chronological, append-only record of significant actions taken in your company — order placements, status changes, imports, team-member invites, webhook deliveries, subscription changes, returns, and more. Every entry captures who did what, to which entity, and when.
Find it at
/dashboard/settings/audit. OWNER or
ADMIN only.
Anatomy of an entry
Each row has:
| Field | Notes |
|---|---|
| When | Timestamp, local timezone, Apr 17, 2026, 02:22 PM. |
| Actor | The user's name, the word Customer (for storefront-initiated actions), or System (for cron jobs, webhook side-effects, subscription state changes). |
| Action | A dotted identifier like order.placed or webhook.secret_rotated. |
| Entity | The entity type and, when relevant, a truncated ID — e.g. order clxxord1…. |
| Details | A View disclosure that expands into a JSON metadata blob. Size-capped at 8 KB; oversized payloads are dropped with a log warning. |
Actor types
Every entry has one of three actor types:
| Actor type | Who / what | Examples |
|---|---|---|
USER | A staff member — matched to a row in the Actor column. | A dashboard action, an API call with a key (the key's creator is the actor). |
CUSTOMER | A customer acting on the storefront. | Self-registration, placing an order, opening a return. |
SYSTEM | Non-human actions. | Scheduled-report runs, webhook delivery attempts, Stripe webhook side-effects. |
Filters
The top bar exposes:
- Actor type —
USER,SYSTEM,CUSTOMER, orAll. - Entity type — a dropdown populated from whatever entity types
have been written (e.g.
order,product,customer,api_key,webhook). - From / To — date range.
Tois inclusive; it snaps to end-of-day.
Filters stack and are encoded in the URL so you can share a filtered view by copying the address bar.
Action catalog
Actions are stable strings — the enum in code is the source of truth, but here's the current catalog organised by area.
Inventory
| Action | When |
|---|---|
product.created | Product created (dashboard, API, or CSV). |
product.updated | Product edited. |
product.deleted | Product deleted. |
product.status_changed | Product toggled active/inactive. |
product.bulk_imported | CSV import applied. Metadata: row counts. |
product.bulk_updated | Bulk edit applied from the products list. |
product.bulk_deleted | Bulk delete applied from the products list. |
Orders
| Action | When |
|---|---|
order.placed | Order created (storefront, API, or dashboard). |
order.status_changed | Status transition. Metadata: fromStatus, toStatus. |
order.updated | Non-status order edits (e.g. tracking, PO number, notes). |
Customers
| Action | When |
|---|---|
customer.created | Customer created (dashboard, API, self-register, CSV). |
customer.updated | Any customer field edited. |
customer.status_changed | Customer activated / blocked. |
customer.bulk_imported | CSV import applied. |
Customer contacts & pricing
| Action | When |
|---|---|
customer_contact.created | A sub-user login added to a customer. |
customer_contact.updated | Role change on a customer contact. |
customer_contact.deleted | A sub-user login removed. |
price_override.set | Per-customer price override created or changed. |
price_override.deleted | Per-customer price override removed. |
Team
| Action | When |
|---|---|
member.invited | Staff invite sent. |
member.joined | Invite accepted. |
member.removed | Member removed from company. |
member.role_changed | Role updated (OWNER / ADMIN / MEMBER). |
API keys & webhooks
| Action | When |
|---|---|
api_key.created | API key generated. Metadata: name, scopes. |
api_key.revoked | API key revoked. |
webhook.created | Webhook endpoint registered. |
webhook.updated | Webhook config edited. |
webhook.secret_rotated | Signing secret rotated. |
webhook.deleted | Webhook endpoint deleted. |
Returns & refunds
| Action | When |
|---|---|
return.requested | Return opened. |
return.approved | Return approved. |
return.received | Return marked received, with item conditions recorded. |
return.rejected | Return declined. |
refund.processed | Refund issued. |
credit_note.issued | Credit note created alongside a refund. |
Reports
| Action | When |
|---|---|
report.exported | On-demand report CSV/PDF downloaded. |
scheduled_report.created | Scheduled report configured. |
scheduled_report.updated | Scheduled report edited. |
scheduled_report.deleted | Scheduled report removed. |
scheduled_report.sent | A cron run successfully sent a report. |
scheduled_report.failed | A cron run failed. |
Subscription & billing
| Action | When |
|---|---|
subscription.changed | Plan or billing interval changed. |
subscription.past_due | Stripe invoice payment failed. |
subscription.canceled | Subscription canceled. |
Metadata payloads
The metadata column is free-form JSON specific to the action. Shape
is stable per action but not formally schemed — inspect a few entries
with the View disclosure to see what a given action emits before
building dashboards on top of it.
Size cap: 8 KB serialised per entry. Anything larger is dropped with a server-side log warning and the entry is written without metadata (action / actor / entity are always persisted).
Retention
Audit log entries are never automatically deleted. They persist for the life of the company; deleting the company cascades to its audit log (hard delete).
No export button today — if you need a dump, email support@distribu.app.
What the audit log is not
- Not a webhook delivery log. Per-webhook delivery attempts (status codes, response times) are recorded separately, visible on each webhook's detail page. The audit log only captures config changes to webhooks themselves.
- Not an API request log. Individual API calls aren't audited —
only the key create / revoke events are. Calls update
apiKey.lastUsedAtbut don't write an audit row. - Not a security event stream. Logins, failed logins, password resets, and the like flow through application logs, not the audit log.
What's not here (yet)
- CSV / JSON export from the UI.
- Programmatic audit-log API (
/api/v1/audit) — not exposed. - Per-entity drill-in — clicking an entity doesn't jump to its detail page yet.
- Custom retention windows. Every entry is kept indefinitely.
Related:
- Roles & permissions — who can read the audit log.
- Webhooks — where per-delivery webhook history lives (not here).
- Notifications — the in-app stream of things you should know about, a curated subset of audit events.