Audit Logging provides comprehensive tracking and monitoring of user actions across your Gumloop organization. This feature enables administrators to maintain security, compliance, and operational oversight by recording detailed logs of all significant activities within the platform.

Overview

Audit logging automatically captures and stores detailed records of user activities, system events, and administrative actions within your organization. This feature is essential for:
  • Security Monitoring: Track unauthorized access attempts and suspicious activities
  • Compliance Requirements: Meet regulatory standards for data access and modification tracking
  • Operational Oversight: Monitor workflow executions and system usage patterns
  • Troubleshooting: Investigate issues by reviewing historical activity patterns
  • Data Governance: Maintain comprehensive records of data access and modifications

Accessing Audit Logs

Navigate to your organization’s audit logging interface at: gumloop.com/settings/organization/audit-logging
Audit Logging Overview

Tracked Events

The audit logging system captures a comprehensive range of activities across the platform:

Authentication Events

  • User Sign-ins: Records when users authenticate to the platform
  • Session Management: Tracks session creation and termination

Credential Management

  • Credential Creation: New API keys, OAuth connections, and service integrations
  • Credential Modification: Updates to existing authentication credentials
  • Credential Deletion: Removal of credentials from the system
  • Credential Retrieval: Access to stored credentials for workflow execution

Workspace Operations

  • Workspace Creation: New workspace setup and configuration
  • Member Management: Adding or removing users from workspaces
  • Workspace Deletion: Permanent removal of workspaces
  • Workspace Renaming: Changes to workspace names and metadata

Organization Management

  • Member Addition/Removal: Changes to organization membership
  • Domain Configuration: Updates to organization domain settings
  • Metadata Updates: Changes to organization settings and configuration

Permission Group Management

  • Group Creation: New permission groups and access controls
  • Member Changes: Adding or removing users from permission groups
  • Group Deletion: Removal of permission groups

Flow Operations

  • Flow Execution: Workflow runs and automation triggers
  • Flow Termination: Manual or automatic stopping of workflows
  • Flow Completion: Successful workflow completions
  • Run Retrieval: Access to workflow execution results and logs

File Operations

  • File Uploads: Documents and data uploaded to the platform
  • File Downloads: Access to stored files and documents
  • File Deletion: Removal of files from the system

Audit Log Data Structure

Each audit log entry contains comprehensive metadata and contextual information: Example of workbook creation logs:
{
  "flow_jsons": [
    [
      {
        "batch": false,
        "category": "Using AI",
        "dynamic_inputs": [],
        "dynamic_outputs": [],
        "id": "eEovMC652wM7Mvzo31G4xM",
        "input_errors": {},
        "inputs": {},
        "is_collapsed": false,
        "operator": "Ask AI",
        "parameter_errors": {
          "Azure Cognitive Services Account": "",
          "Azure Deployment": "",
          "Azure Resource Group": "",
          "Azure Subscription": "",
          "Cache Response": "",
          "Connect MCP Server?": "",
          "MCP Servers": "",
          "Maximum Tokens": "",
          "Reasoning Effort": "",
          "Temperature": "",
          "Thinking Tokens": "",
          "Use Function?": "",
          "azure_cognitive_services_map": "",
          "azure_deployment_map": "",
          "azure_resource_groups_map": "",
          "azure_subscription_map": "",
          "model_preference": "",
          "prompt": "",
          "servers_setup_map": ""
        },
        "parameter_input_errors": {},
        "parameter_inputs": {},
        "parameters": {
          "Azure Cognitive Services Account": null,
          "Azure Deployment": null,
          "Azure Resource Group": null,
          "Azure Subscription": null,
          "Cache Response": null,
          "Connect MCP Server?": null,
          "MCP Servers": null,
          "Maximum Tokens": null,
          "Reasoning Effort": null,
          "Temperature": null,
          "Thinking Tokens": null,
          "Use Function?": null,
          "azure_cognitive_services_map": null,
          "azure_deployment_map": null,
          "azure_resource_groups_map": null,
          "azure_subscription_map": null,
          "model_preference": null,
          "prompt": null,
          "servers_setup_map": null
        },
        "position": {
          "x": 945.508855591821,
          "y": 137.38119073725161
        },
        "version": "v0_11"
      }
    ]
  ],
  "pl_config_info": [
    {
      "pl_config_hash": "{ID}"
    }
  ],
  "saved_items_info": [
    {
      "saved_item_id": "{ID}",
      "saved_item_ref": "{ID}"
    }
  ],
  "user_email": "admin@gumloop.com",
  "workbook_id": "{ID}",
  "workbook_name": "New Workbook",
  "workspace_id": null
}

Core Event Data

  • Event ID: Unique identifier for each logged event
  • Timestamp: Precise date and time when the event occurred (ISO format)
  • Event Type: Categorization of the specific action performed
  • User ID: Identifier of the user who performed the action

Request Context

  • Source IP Address: Network location from which the action was initiated
  • Session Information: Authentication context and session details

Event Details

  • JSON Object: Action-specific information and parameters
  • Resource Identifiers: IDs of affected workspaces, flows, or other resources

API Access

For programmatic access to audit logs, use the REST API endpoint.

Endpoint Details

GET /api/v1/get_audit_logs

Required Parameters

  • organization_id (string): ID of the organization to retrieve logs for
  • user_id (string): Your user ID (must be organization admin)
  • start_time (datetime): Start timestamp for filtering (ISO format)
  • end_time (datetime): End timestamp for filtering (ISO format)

Optional Parameters

  • page (integer): Page number for pagination (default: 1)
  • page_size (integer): Records per page (default: 50)

Authentication

Include your API key in the Authorization header:
Authorization: Bearer your_api_key_here

Example API Call

curl --request GET \
  --url 'https://api.gumloop.com/api/v1/get_audit_logs?page=1&page_size=50&start_time=2025-01-01T00%3A00%3A00&end_time=2025-01-02T00%3A00%3A00&user_id=user_abc123&organization_id=org_xyz789' \
  --header 'Authorization: Bearer your_api_key_here'
For complete API documentation, see: Gumloop API Reference

Data Privacy and Security

Data Protection

  • Encryption: All audit logs are encrypted at rest and in transit
  • Access Control: Logs are accessible only to organization administrators
  • Data Isolation: Organization audit logs are completely isolated from other organizations

Retention and Compliance

  • Data Retention: Audit logs are retained according to Enterprise agreement terms
  • Compliance Standards: Meets SOC2 Type II and GDPR requirements
  • Data Export: Full export capabilities for compliance and backup purposes

See Also