Audit Log
Overview
The Audit Log provides Admins and Owners with detailed visibility over administrative actions taken across your Learn Amp platform. It's essential for security monitoring, compliance auditing, and investigating changes to your platform configuration.
The Audit Log captures a detailed record of significant actions, helping you:
Track who made changes and when
Investigate deleted content or modified settings
Monitor user account changes
Maintain accountability and compliance
Review system-generated events
Each entry includes:
Timestamp – When the action occurred
User – Who performed the action
Action Type – What kind of action was taken
IP Address – Where the action originated
Details – Specifics of what changed
Pre-requisites
Role Requirements
Access to the Audit Log is restricted to:
Owner – Full access
Admin – Full access
Note: HR, Reporter, and Manager roles do not have access to the Audit Log due to the sensitive nature of the information it contains.
Quick-Start Guide
Step 1: Navigate to the Audit Log
From the sidebar navigation, click the Settings cog icon, then select Audit Log.
Step 2: Review Recent Activity
The log displays recent actions in reverse chronological order (newest first).
Step 3: Use Filters to Find Specific Actions
Available filters include:
Filter | Description |
|---|---|
User/Actor | View actions by a specific user |
Type | Filter by the kind of data affected (e.g. User, Item, Task) |
Event | Filter by action type (Created, Updated, Deleted, etc.) |
Object Name | Find actions on a specific item |
IP Address | Trace activity to a specific IP |
System | View automated system events |
Timespan | Set a date range (defaults to last 3 months) |
Step 4: View Action Details
Click "View details" on any row to see more granular information, including before and after values where applicable.
Functionality Breakdown
Tracked Object Types
The Audit Log tracks changes across many areas of your platform, including:
People – Users, Teams, Team memberships
Content – Items, Learnlists, Channels, Events, Quizzes, Surveys
Development – Objectives, One-to-Ones, Skills
Tasks – Task creation, updates, and assignments
System – Integrations, CSV exports, API applications
Event Types
Actions captured include:
Created – New records added
Updated – Changes to existing records
Deleted – Records removed (soft delete where applicable)
Password changed – User password updates
Login as – Admin impersonation of a user
Force logged out – User session terminated
Deactivated/Reactivated – User status changes
Marked as completed – Content completion on behalf of users
Archived – Content archived
Unfinalized – Completion status reversed
System Attribution
When actions originate from automated processes, the Audit Log shows the source:
Bulk Invite – Actions from user invitation batches
CSV Import – Changes made via bulk imports
Webhook – Updates triggered by external webhooks
API (App Name) – Changes made through API integrations
Integration name – Actions from connected HRIS or LMS systems
Data Retention
Audit Log data is retained for 18 months before being automatically purged.
FAQs
Q: Who can access the Audit Log?
Only users with Admin or Owner roles can access the Audit Log.
Q: How do I track when content was marked as complete?
Use the Event filter and select Marked as completed. This shows when an Admin manually marked content (Items, Learnlists, Channels, Events, Surveys, or Quizzes) as complete on behalf of a user. Each entry shows who marked it complete, for which user, and when.
Q: How do I track task deletions?
Use the Type filter and select Task, then use the Event filter to select Deleted. Task deletions are "soft deletes"—the task record is retained but marked as deleted, so you can still see full details including who deleted it and when.
Q: Where is the date filter in the Audit Log?
Add the Timespan filter to set a custom date range. By default, the Audit Log shows the last 3 months of activity.
Q: Can I export Audit Log data?
Export functionality is not currently available through the UI. Contact Support if you require an export.
Q: Are system-generated actions recorded?
Yes. Use the System filter to isolate automated events such as scheduled jobs, integrations, or API actions.
Q: Why are some details redacted?
Sensitive information such as API credentials, passwords, and access tokens is intentionally redacted for security. See Redacted Fields in the Audit Log for full details.
Q: Can I access audit logs via the LearnAmp API?
Not at this time. LearnAmp does not currently provide a dedicated API endpoint for retrieving audit logs. While some limited audit-related information can be retrieved using standard endpoints like GET /items/{id} or GET /events, these do not replicate the full depth of audit logging available in the UI. We encourage users to submit feature feedback via the Customer Portal to help prioritise future development.
Q: How do I identify which integration made a change?
When an action comes from an API integration, the Audit Log displays "API" followed by the application name in brackets. For webhook-triggered changes, the source webhook is also identified. See Integration Attribution in the Audit Log for more details.
Troubleshooting
Issue | Solution |
|---|---|
Cannot see the Audit Log | Verify you have Admin or Owner permissions |
Details missing for some actions | Some sensitive fields are intentionally redacted for security |
Cannot find a specific action | Try adjusting your date range using the Timespan filter, or check other filters |
Expected action not appearing | Ensure the action occurred within the last 18 months (data retention period) |
Don't recognise the actor name | Check if the action came from an API, integration, or system process—these are attributed accordingly |
Related Pages