Audit Logs
Export a timeline of material actions performed by your organization.
Admins of teams with an Organization or Enterprise plan can export a CSV audit log of material events that occurred in the team over a specified time frame.
Export your audit log data in the Render Dashboard from the Audit Logs section of your Workspace Settings page:
Availability of audit log data
- Render begins retaining audit log data for your team as soon as you upgrade to an Organization or Enterprise plan.
- Event data from prior to upgrading is not available.
- If your Organization or Enterprise plan started before June 24, 2024, audit log data is available from that date onward.
- Whenever Render adds a new audit log event type, tracking for that event begins on the date of the event’s introduction.
Audit log format
You can export your audit log data as a chronologically ordered CSV file with a separate row for each distinct event. The file includes the following columns:
Column | Description |
---|---|
timestamp |
The UTC timestamp when the event occurred. |
actor |
The entity that performed the action. Depending on the type of actor, this value has one of two formats:
|
event |
The type of event that occurred. |
status |
Indicates whether the event’s associated action succeeded. One of the following values:
|
metadata |
A JSON object containing additional details about the event. The fields of this object vary depending on the event type. |
Event types
Each event in your audit log corresponds to a specific action or change to your Render team’s resources. The following sections list tracked event types and provide a brief description of each.
Member management
Event Name | Description |
---|---|
|
A user was invited to the team. |
|
A user was removed from the team. |
|
An invitation to join the team was accepted. |
|
A team member’s role was changed. |
|
The team’s set of allowed login methods was changed. Currently, a team can either allow all Render-supported login methods or require login via Google account. |
|
Two-factor authentication (2FA) enforcement was enabled or disabled for the team. |
|
A team member logged in. |
|
A team member logged out. |
Apps & services
Render does not log events for services belonging to a service preview or preview environment.
Event Name | Description |
---|---|
|
A web service, private service, background worker, or static site was created. |
|
A web service, private service, background worker, or static site was suspended. |
|
A previously suspended web service, private service, background worker, or static site was resumed. |
|
A web service, private service, background worker, or static site was deleted. |
|
A service was accessed via SSH, either from the command line or from the the service’s Shell page in the Render Dashboard. |
|
A new Blueprint was created and applied to the team. |
|
A cron job was created. |
|
A cron job was deleted. |
Datastores
General
Event Name | Description |
---|---|
|
The IP allow list for a PostgreSQL database or Redis instance was updated. |
PostgreSQL
These events are logged only for primary PostgreSQL databases, not for high availability standby instances or read replicas.
Event Name | Description |
---|---|
|
A PostgreSQL database was created. |
|
A PostgreSQL database was deleted. |
|
A PostgreSQL database was suspended. |
|
A previously suspended PostgreSQL database was resumed. |
|
A logical backup of a PostgreSQL database was downloaded. |
|
The connection URL or password for a PostgreSQL database was viewed. |
Redis
Persistent disks
Event Name | Description |
---|---|
|
The persistent disk for a web service, private service, or background worker was created. |
|
The persistent disk for a web service, private service, or background worker was deleted. |
|
The persistent disk for a web service, private service, or background worker was restored to a snapshot. |
Environment variables
Projects & environments
Event Name | Description |
---|---|
|
A project was created. This event is always accompanied by one |
|
A project was deleted. This event is always accompanied by at least one |
|
A project environment was created. |
|
A project environment was deleted. |
|
A resource (such as a service or environment group) was moved into or out of a project environment. |
|
Protected access was enabled or disabled for a project environment. |
History of audit log event changes
Date | Change |
---|---|
|
Added the following event types:
|
|
Added initial set of event types. |