Security & Compliance
Audit Logs & Activity History
Track every action in your Zelosify organization with comprehensive audit logging.
What is Logged
Every significant action in Zelosify is recorded in an immutable audit log:
| Category | Events Logged |
|---|---|
| Authentication | Sign-in, sign-out, failed attempts, MFA events, password changes |
| Users | Created, deactivated, role changed, invited, removed |
| Contracts | Created, uploaded, edited, signed, status changed, deleted |
| Vendors | Created, edited, status changed, archived, compliance updates |
| SOWs | Created, approved, rejected, signed, status changed |
| Signatures | Sent, viewed, signed, declined, voided |
| Settings | Organization settings changed, SSO configured, billing updated |
| Data Access | Exports, downloads, API access, bulk operations |
| AI Features | Queries made, contracts drafted, credits consumed |
| Admin Actions | GDPR requests processed, users force-deactivated, data purged |
Audit Log Fields
| Field | Description |
|---|---|
| Timestamp | Exact time of the event (UTC) |
| Actor | Who performed the action (user ID, name, email) |
| Action | What was done (e.g., "contract.created", "user.role_changed") |
| Resource | What was affected (e.g., "Contract #10024") |
| Details | Additional context (old value → new value for changes) |
| IP Address | Origin IP of the request |
| User Agent | Browser/device information |
| Result | Success or failure |
| Correlation ID | Links related events in the same operation |
Accessing Audit Logs (Admin Only)
- Navigate to Settings → Security → Audit Logs
- Filter by: date range, actor, action type, resource type, result
- Search by keyword
- Export as CSV or JSON for external analysis
Retention
- Default retention: 2 years
- Enterprise: configurable up to 7 years
- Logs are immutable — cannot be edited or deleted (even by admins)
- Stored in a separate, append-only data store