Home / Help Center / pos-app / Admin / Audit Log
🛡️ Admin

Audit Log

The Audit Log is the complete, tamper-evident history of every significant action taken in the system — who did what, when, from which IP address — used for accountability, troubleshooting, and security review.

📍 Menu path: Admin → Audit Log
👤 Who uses it: Admin and Manager (view/export); Admin only for purging old logs — requires the Advanced plan tier or above
🏷️ Plan tier: advanced+

Overview

Every create, update, delete, login, logout, export, import and print action across entities like sales, products, customers, users, inventory, expenses, settings and reports is captured here with a timestamp, the acting user, and a human-readable description.

A summary section shows Total Logs, Today's Actions, Active Users in the last 30 days, and how many distinct entity types have activity, plus three visual breakdowns: actions by frequency, entities by frequency, and the most active users over the last 30 days.

Below the summary is a searchable, filterable, exportable table of every individual log entry — this is the detailed record you drill into when investigating a specific change or user.

Before You Start

Step-by-Step Guide

1 Investigate a specific change

  1. Use the Action dropdown to narrow to a specific action type (CREATE, UPDATE, DELETE, LOGIN, LOGOUT, EXPORT, IMPORT, PRINT).
  2. Use the Entity dropdown to narrow to one record type (sale, product, customer, user, inventory, expense, setting, report).
  3. Set a From/To date range to bound the search window.
  4. Use the search box on the table itself for free-text matching on description, user name, or entity.
  5. Click any row's Description or use the table's detail view to see the full context, including the acting user's name/role and the IP address the action came from.

2 Review activity summary and top users

  1. Check the four summary KPI cards at the top for a quick health check: Total Logs, Today's Actions, Active Users (30d), Entity Types.
  2. Review the "Actions (last 30 days)" bar chart to see which action types dominate (e.g. a spike in DELETE might warrant investigation).
  3. Review "Entities (last 30 days)" to see which record types are being touched most.
  4. Check "Most Active Users (30d)" to see who is generating the most activity — useful both for recognising engaged staff and spotting unusual activity.

3 Export logs for external review

  1. Apply whatever filters you need, then use the export control in the table toolbar (visible only with export permission) to download the filtered results.

4 Purge old audit logs

Purging permanently deletes old log entries and cannot be undone — use it only for routine housekeeping on very old data.

  1. Click Purge Old (visible only to users with delete permission).
  2. Enter how many days of history to keep — a minimum of 7 days is enforced.
  3. Confirm to permanently delete every log entry older than that cutoff.

Every Field & Button, Explained

Field / ButtonWhat it does
Total LogsAll-time count of every recorded audit entry.
Today's ActionsCount of audit entries created so far today.
Active Users (30d)Number of distinct users who have appeared in the audit log in the last 30 days.
Entity TypesNumber of distinct entity categories (sale, product, customer, etc.) with activity in the last 30 days.
Action filterRestricts the table to one action type: CREATE, UPDATE, DELETE, LOGIN, LOGOUT, EXPORT, IMPORT, PRINT.
Entity filterRestricts the table to one entity type: sale, product, customer, user, inventory, expense, setting, report.
From / To date filtersBounds the table to a specific date range.
Clear filtersResets action, entity and date filters back to showing everything.
Time columnFull timestamp of the action plus a relative "x ago" indicator.
User columnThe acting user's name and role, or "System" for automated actions.
Action badgeColour-coded label for the action type (e.g. green Create, blue Update, red Delete).
Entity columnThe type of record affected, shown as a small capsule.
Description columnHuman-readable summary of what happened, plus a truncated entity ID.
IP Address columnThe network address the action was performed from.
Purge OldPermanently deletes audit entries older than a chosen number of days (minimum 7); requires delete permission.

Tips & Best Practices

Troubleshooting & FAQ

I don't see the Purge Old button.
Purging requires delete permission on this page. Ask your Admin to grant it under Settings → Staff Permissions if you believe you should have access.
The action/entity breakdown charts look empty.
Those charts only summarise the last 30 days of activity — if your account or installation is brand new, there may simply not be enough history yet.
Can I edit or delete a single audit entry?
No — individual entries cannot be edited or deleted one at a time; only a bulk "purge older than N days" operation is available, which is intentional to preserve the integrity of the trail.
Why don't I see this page in the sidebar?
Audit Log requires the Advanced plan tier or above; on lower tiers the menu item is hidden.

🧑‍💻 Developer Notes

Source component(s):

  • frontend-app/packages/pos-react-lib/src/pages/AuditTrailPage.jsx

Backend endpoints used:

  • GET /audit/summary
  • GET /audit
  • DELETE /audit/purge?days=

Related tables (db-core repositories):

  • AuditLog (best-effort — action, entity, entityId, description, userId, ipAddress, createdAt)

Redux slices:

  • scopeSlice (selectCurrentScope / getScopeQueryParams)

Feature flag key: audit (requires advanced plan tier or above)

A closely related but separate page, AuditSecurityReportsPage.jsx, offers five deeper security-focused report tabs on top of the same underlying audit data: User Activity Log, Deleted Invoices, Modified Invoices, Price Overrides, and a Failed Login Report (with a "Top Suspicious IPs" panel). It is reached from the Reports area rather than this Admin sidebar item, but shares the same /audit and dedicated /audit-security-reports/* endpoints and is worth checking when this page's general log needs a sharper, invoice- or security-specific lens.