# Audit Log

The audit log is a record of events and changes. Users and other systems using ProcessMaker IDP create logs based on these events. Audit logs typically document a sequence of activities or a specific activity. They vary significantly between ProcessMaker IDP services. 

Audit logs are a valuable resource for admins and auditors who want to examine suspicious activity on a network or diagnose and troubleshoot issues. These logs can provide administrators with invaluable insight into what behavior is normal and what behavior is not.

## **Audit Log Filters**

You can apply one or more filters to display only the data that interests you. To clear a filter, click the trashcan icon next to the filter box.

<table><thead><tr><th width="183">Filter Category</th><th>Description</th></tr></thead><tbody><tr><td>Application Name</td><td>Filter on different services such as:<br>- Gateway (Events triggered by a user or REST API user)<br>- Datastore (Entity events triggered by a user or service)<br>- GraphQL (admin operations in the User Interface or read events on entities)</td></tr><tr><td>Auth Action</td><td>Filter on authentication events such as LOGIN, LOGOUT, or FAILURE.</td></tr><tr><td>Entity ID</td><td>Filter on a specific ENTITY instance by using a UUID (e.g., cea965d4-96a7-45a5-88ae-587fed7179c2).</td></tr><tr><td>Entity Name</td><td>Filter on all ENTITY OPERATIONS for a specific ENTITY (e.g., FILE or FOLDER).</td></tr><tr><td>Entity Operation</td><td>Filter on specific entity-related operations: CREATE, UPDATE, and DELETE.</td></tr><tr><td>GraphQL Operation</td><td>Filter on specific admin operations such as Process Mapping, Reindex, and Train.</td></tr><tr><td>Request Method</td><td>Filter on actions such as downloading a file in the User Interface or REST operations.</td></tr><tr><td>Type</td><td>Filter on specific actions such as PROXY REQUESTS for the gateway.</td></tr><tr><td>User</td><td>Filter on a specific user or system user.</td></tr><tr><td>Start Date</td><td>Select a start date to filter events after this start date. If a start date is selected, an end date must be entered.</td></tr><tr><td>End Date</td><td>Select an end date to filter events before this end date. If no start and end date are entered, the audit log is limited to 1 year.</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://processmaker.gitbook.io/idp/idp-administrator/audit-log.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.