On this page

Audit Logs

The Audit Logs page records every mutation you perform on Guara Cloud — service edits, deploys, environment-variable changes, cron worker triggers, registry credential saves, project membership changes, and more. It is your transparent, queryable trail of what you did, when, from where, and whether it succeeded.

You can find it from the dashboard navigation under Operations → Audit Logs.

What’s recorded

Every audited mutation captures:

  • Action — a stable, machine-readable identifier (e.g., service.update, cron_worker.create, project.member.invite).
  • Resource — the kind of resource the action targeted and its ID.
  • Actor — your user account.
  • Outcomesuccess if the action completed without error, failed if it threw.
  • Timestamp with timezone.
  • Request context — IP address (anonymized to /24 for IPv4 and /48 for IPv6) and user agent.
  • Metadata — relevant fields for the action, such as the diff for an update or the override flag for a registry credential save.

PII inside metadata is automatically redacted before persistence. You and the platform’s audit interceptor are the only writers; nobody can edit or delete audit log entries.

Filtering

The toolbar above the table lets you slice the log by:

  • Action type — pick one or more actions (e.g., only cron_worker.* events).
  • Resource type — services, projects, deploys, cron workers, etc.
  • Project — limit to one of your projects.
  • Date range — last hour, last 24 hours, last 7 days, custom.
  • OutcomeAll, Success only, Failed only. New in the Odysseus release.

The outcome filter is the fastest way to surface security or operational issues. “Show me every failed mutation in the last 24 hours” is a single click.

Reading an entry

Click any row to expand it. The detail panel shows the full metadata for that entry, including the diff for updates and any structured context the platform captured. Sensitive fields are masked.

Entries are immutable. If you need a permanent copy for compliance, contact support — we can export a signed archive.

Privacy

The Audit Logs page is strictly your own — you only see actions you performed. Other accounts in the same project never see your activity, and you never see theirs. Project-scoped actions performed by collaborators show up in the project owner’s view of the platform’s separate admin audit trail; talk to the project owner if you need that perspective.

API access

The same data is available via the GET /v1/audit-logs endpoint, with the same filters as query parameters:

GET /v1/audit-logs?action_type=service.update&outcome=failed&since=2026-04-29T00:00:00Z

Responses are paginated and include the same outcome field surfaced in the dashboard. See the API reference for details.

Cron workers and registry credentials

A few new actions ship with the Odysseus release:

  • Cron worker mutations. cron_worker.create, cron_worker.update, cron_worker.suspend, cron_worker.resume, cron_worker.delete, cron_worker.manual_trigger. See Cron Workers — Monitoring and runs.
  • Registry credential saves. Recorded as part of service.create / service.update with metadata indicating whether the preflight passed or was overridden. See Private container registries.