Audit log

Every sensitive LangSync action in your organization — who did what, when, and to which resource, with filters for investigation.

Not verified yet

The audit log (LangSync → Audit log) records every sensitive action in your organization's LangSync account: namespace edits, API key creation, glossary changes, sync jobs, imports. It answers "who changed this, and when?" without archaeology in Git or Slack.

Each entry records:

FieldContent
WhenTimestamp; the list is newest-first.
ActorThe user (name/email), plus a badge when the action came from an API key or from the System (background workers finishing jobs).
ActionWhat happened, e.g. namespace.created.
TargetThe resource type and ID it happened to.
DetailsAction-specific metadata (e.g. the new name on a rename).

Entries also capture the IP address and user agent of the request, and they are permanent — unlike sync job records, they're never garbage-collected.

What gets recorded

TargetActions
Namespacecreated, updated, deleted, language added, language removed
Termcreated, updated, deleted
API keycreated, revoked
Glossarycreated, language attached; item created / updated / deleted
Custom languagecreated, deleted
Custom promptcreated, updated, deleted
Sync jobcreated, completed, failed
Term importfinished
Migrator (POEditor)imported

Reads are never audited — browsing namespaces or fetching translations leaves no entries. Individual translation edits surface as term updates.

Filtering

The toolbar filters combine, each narrowing the query independently:

  • Date range — presets for All time, 24h, 7d, 30d.
  • Action — multi-select, grouped by target type.
  • Target — multi-select by resource type (Namespace, API key, Glossary, …).
  • Actor — multi-select from everyone who appears in your log; includes System for background-worker entries.

A combination like last 7 days + API key actions answers "did anyone touch our credentials this week?" in two clicks. The × button clears everything. The list loads more entries as you scroll, with a Load more fallback.

Privacy and GDPR

Actor names and emails are resolved live from the account system, not frozen into the log. When a user exercises their right to erasure and deletes their account, their past entries remain — but the actor shows as "Anonymized user". You keep the integrity of the trail without retaining personal data. See Platform → GDPR.

Access over the API

The same data is available programmatically (GET /audit-log) with cursor pagination and filters for time range (since / until), actions, target types, a specific target ID, and actors (including the literal system). A companion endpoint lists the distinct actors for building filter UIs. Polling the API with an action filter is the supported way to feed LangSync events into an external SIEM or notification pipeline — LangSync doesn't emit webhooks. See the API reference.

  • API keys — the credentials whose lifecycle shows up here.
  • Platform → GDPR — the platform-wide data-handling rules the log follows.

On this page