Audit log
Every sensitive LangSync action in your organization — who did what, when, and to which resource, with filters for investigation.
The audit log (LangSync → Audit log) records every sensitive action in your organization's LangSync account: namespace edits, API key creation, glossary changes, sync jobs, imports. It answers "who changed this, and when?" without archaeology in Git or Slack.
Each entry records:
| Field | Content |
|---|---|
| When | Timestamp; the list is newest-first. |
| Actor | The user (name/email), plus a badge when the action came from an API key or from the System (background workers finishing jobs). |
| Action | What happened, e.g. namespace.created. |
| Target | The resource type and ID it happened to. |
| Details | Action-specific metadata (e.g. the new name on a rename). |
Entries also capture the IP address and user agent of the request, and they are permanent — unlike sync job records, they're never garbage-collected.
What gets recorded
| Target | Actions |
|---|---|
| Namespace | created, updated, deleted, language added, language removed |
| Term | created, updated, deleted |
| API key | created, revoked |
| Glossary | created, language attached; item created / updated / deleted |
| Custom language | created, deleted |
| Custom prompt | created, updated, deleted |
| Sync job | created, completed, failed |
| Term import | finished |
| Migrator (POEditor) | imported |
Reads are never audited — browsing namespaces or fetching translations leaves no entries. Individual translation edits surface as term updates.
Filtering
The toolbar filters combine, each narrowing the query independently:
- Date range — presets for All time, 24h, 7d, 30d.
- Action — multi-select, grouped by target type.
- Target — multi-select by resource type (Namespace, API key, Glossary, …).
- Actor — multi-select from everyone who appears in your log; includes System for background-worker entries.
A combination like last 7 days + API key actions answers "did anyone touch our credentials this week?" in two clicks. The × button clears everything. The list loads more entries as you scroll, with a Load more fallback.
Privacy and GDPR
Actor names and emails are resolved live from the account system, not frozen into the log. When a user exercises their right to erasure and deletes their account, their past entries remain — but the actor shows as "Anonymized user". You keep the integrity of the trail without retaining personal data. See Platform → GDPR.
Access over the API
The same data is available programmatically (GET /audit-log) with
cursor pagination and filters for time range (since / until),
actions, target types, a specific target ID, and actors (including the
literal system). A companion endpoint lists the distinct actors for
building filter UIs. Polling the API with an action filter is the
supported way to feed LangSync events into an external SIEM or
notification pipeline — LangSync doesn't emit webhooks. See the
API reference.
Related
- API keys — the credentials whose lifecycle shows up here.
- Platform → GDPR — the platform-wide data-handling rules the log follows.
Project sync
Pin a repository to LangSync with nrc langsync init, then reconcile local JSON translation files with sync and pull — flags, conflict strategies, and the .langsync.json reference.
API keys
Long-lived credentials for the Public API — creation, the one-time reveal, revocation, rotation, and scope.