Activity Logs

Activity Logs show everything that happens in your account. Track who did what, when they did it, and why.

Understanding Activity Logs

Activity Logs are a complete audit trail of:

• Who performed an action (user, API key, service)
• What they did (created, modified, deleted)
• Where it happened (which resource)
• When it happened (exact timestamp)
• Why it matters (for compliance)

Accessing Activity Logs

1. Click Activity Logs in sidebar
2. See most recent activities first
3. Scroll to see older activities
4. Use filters to find specific events

Log Entry Details

Each entry shows:

User: alice@company.com
Action: Created notebook
Resource: "Sales Analysis Q2"
Time: 2024-06-12 14:30:22 UTC
IP Address: 192.168.1.100
Status: Success
Duration: 245ms
Details: Notebook created with 5 cells

Viewing Event Details

Click any log entry to see:

Basic Information

• User who performed action
• What action (create, update, delete)
• Resource affected
• Status (success/failure)

Metadata

• Timestamp (exact time)
• IP address
• User agent (browser/app)
• Session ID
• Request ID

Changes Made (if applicable)

Before: {"status": "draft"}
After: {"status": "published"}

Changed fields:
- title: "Report" → "Q2 Sales Report"
- visibility: "private" → "shared"

Filtering Activities

By Action Type

Created, Updated, Deleted
Viewed, Executed, Cancelled
Shared, Revoked, Promoted

By Resource Type

Notebooks, Experiments, Pipelines
Databases, Collections
Queries, Reports
Users, Teams, Permissions

By User

• Specific user
• Current user
• API keys
• Service accounts

By Date Range

Today
Last 7 days
Last 30 days
Last 90 days
Custom range

By Status

Success - Action completed
Failed - Action failed
In Progress - Still running
Pending - Waiting for approval

Common Activities

Query Execution

✓ Executed query "Top 10 Customers"
  Duration: 1.2 seconds
  Rows returned: 10
  User: data-analyst@company.com

Notebook Changes

✓ Created notebook "Q2 Analysis"
✓ Added cell "Data Import"
✓ Executed notebook (10 cells)
✓ Modified notebook title
✓ Shared with team-members@company.com

Data Modifications

✓ Inserted 1,000 rows into customers table
✓ Updated user #12345
✓ Deleted orphaned records
✓ Imported data from CSV

Permission Changes

✓ Granted "team-data" read access to sales_db
✓ Revoked "contractors" access to sensitive_data
✓ Made notebook "Public Dashboard" public
✓ Changed "alice" role to Admin

Pipeline Execution

✓ Triggered pipeline "Daily ETL"
✓ Failed: Step 2 - database connection timeout
✓ Manually restarted pipeline "Daily ETL"
✓ Disabled pipeline "Legacy Process"

Searching Activities

Search Box

Type to search:

• User names: "alice", "data-team"
• Actions: "created", "deleted", "shared"
• Resources: "sales database", "Q2 report"
• IP addresses: "192.168.1"

Advanced Search

Combine filters:

User: alice@company.com
Action: Updated
Resource: Database
Date: Last 7 days
Status: Success

Find: All successful database updates alice made in the last week

Downloading Logs

Export as CSV

timestamp,user,action,resource,status,ip_address
2024-06-12 14:30:22,alice@company.com,created,sales_db,success,192.168.1.100
2024-06-12 14:35:10,bob@company.com,updated,sales_db,success,192.168.1.101

For Compliance

1. Click Export
2. Choose date range
3. Select format (CSV, JSON)
4. Download
5. Share with auditors/compliance

Automated Reports

Set up weekly/monthly email reports:

1. Click Schedule Report
2. Choose frequency
3. Select recipients
4. Choose format
5. Recipients get regular reports

Troubleshooting with Logs

Find What Changed

Someone modified data. Who did it?

1. Filter by Resource: "orders table"
2. Filter by Action: "updated"
3. Look for when change happened
4. See who made the change
5. Click for details on what changed

Audit a User's Actions

Check what one person did:

1. Filter by User: "alice"
2. Choose date range
3. See all activities
4. Investigate if suspicious

Track Data Leak

If data leaked, find how:

1. Filter by Resource affected
2. Check who accessed it
3. When was it downloaded/exported
4. Who had permission
5. Document timeline

Investigate Failed Operations

Pipeline failed? See what went wrong:

1. Filter by Resource: "pipeline name"
2. Filter by Status: "Failed"
3. Click entry
4. See error message
5. Check logs for details

Privacy and Security

Who Can See Logs

• Account Owner - Can see all logs
• Admins - Can see most logs
• Team Members - Can see own activities
• Auditors - Can see if granted access

Data Retention

Activity logs kept for: 1 year
Deleted logs: Permanently removed
Long-term audit: Archive to external storage

Sensitive Data

Some logs redact sensitive info:

Original: query selected password_hash
Logged: query selected [REDACTED]

Original: API key updated
Logged: API key updated (actual key not shown)

Best Practices

Regular Review

• Check weekly for unusual activity
• Investigate failed operations
• Monitor sensitive resource access

Audit Trail

Keep detailed logs for:

• Compliance requirements
• Security investigations
• Performance debugging
• Feature usage analysis

Alerts

Set up alerts for:

• High number of failures
• Large data exports
• Permission changes
• Sensitive resource access

Advanced Features

Webhooks

Get notified of activities:

POST /your-webhook-url
{
  "event": "notebook_executed",
  "user": "alice@company.com",
  "resource": "Q2 Sales Report",
  "timestamp": "2024-06-12T14:30:22Z"
}

Log Streaming

Stream logs to external tools:

• Splunk
• Datadog
• CloudWatch
• ELK Stack

Retention Policies

Configure how long to keep logs:

Recent logs: Keep all
30+ days old: Aggregate and compress
1+ year old: Archive to cold storage
5+ years: Delete (unless compliance required)

Related Topics

• System Monitoring - See system health
• Team Management - Manage permissions
• Billing & Plans - Track usage costs