Skip to main content

Audit events dashboard

For Enterprise only: Monitor and analyze all activity in your organization, and identify potential security risks.

Updated over a week ago

For org admins on Coda’s Enterprise plan, the audit events dashboard is a powerful tool designed to help easily monitor and analyze all activity in your organization. This dashboard provides a centralized view of actions users have taken within Coda. Org admins can use this information to identify potential security risks, such as unexpected access attempts, and to help ensure compliance with your organization's policies.

ℹ️ The audit events dashboard is accessible only to org admins on Coda’s Enterprise plan.

Within this article, you’ll find...

Access the audit events dashboard

To view the audit events dashboard, follow these steps:

  1. Go to coda.io/docs

  2. Click on your name in the lower-left, then select Admin settings from the menu

  3. Search for - or scroll to - the Audit events tab (within the Security section)

Dashboard overview

The dashboard contains key information to help you analyze your organization’s audit logs. Each line in the dashboard represents a unique event. For each event, you can see the following information:

  • Data & time: This column shows the local date and time the action occurred

  • User: This column shows the user email ID that performed or is associated with the action

  • Action: This column shows the action or event that occurred. Some actions have more metadata, which can be found in the Action Details column

  • Action details: Here you'll find any available payload details for that action. These details are condensed by default, but you can click on an individual row to expand it, or click the Expand action details button at the top of the page to expand the details for all rows at once.

  • Entity: This column provides key details on the entity (doc, folder, group, organization, etc.) associated with the action

  • Result: This column indicates whether the action was allowed or denied

  • IP address: This column provides the IP address associated with the user that performed the action. You can also see the browser user agent information by hovering over the IP address.

Filter audit events

You can analyze specific audit events by using the filters at the top of the dashboard. The following filters are available:

  • People: To filter the audit events performed by a specific user

  • Date: To filter the audit events on a specific date or within a date range

  • Action: To filter the audit events to a specific action that occurred

  • Search: You can also use the search bar to search for and filter audit events associated with specific entity IDs.

For example, if you want to see the audit trail for a specific doc, paste the docID in the the search bar and hit enter. You should now see all the events associated with that specific doc.

ℹ️ In addition to the audit events dashboard, you can also use Coda’s Admin API to programmatically query audit events, integrate with other tools and export relevant data. Learn more about the Admin API here.

FAQs

Who has access to the audit events dashboard?

Only org admins on Coda’s Enterprise plan have access to the audit events dashboard.

How can I see more details about a specific action?

You can now find more details about each action in the Action details column. This column splits out the payload so you can more easily search for the action you need.

Can I search the dashboard for a specific payload?

Yes. The payload details can be found in the Action details column. However, before you search for a specific payload, you will first need to make sure the action details are expanded.

By default, the info in the Action details column is condensed for easier scrolling. You can expand an individual row by clicking on the details, or you can expand all rows at once by clicking the Expand action details button at the top of the page. Once expanded, you can search for a specific payload using the standard page search (e.g., cmd + f).

When should I use the audit events dashboard vs. Coda Admin Pack vs. Admin API?

All of these should surface the same data, so it depends on what makes the most sense for your needs.

  • The audit log dashboard is likely easiest to use for quick and general-purpose inspection.

  • The Coda Admin Pack is likely best for performing exports or more structured bulk actions based on a set of events.

  • The Admin API offers the most flexibility in terms of integration and can be used to integrate with SIEM systems.

What events are or aren’t shown in the audit events dashboard?

All events documented via the audit events API should be accessible via the audit events dashboard. We expect this list to continue growing, and if there are additional events you would like to see here, please let us know.

Related resources

Did this answer your question?