Activity Logs
Track create, update, delete, deploy, and authentication events across a Devpilot workspace with a complete audit trail.
Activity logs give you a chronological record of what happened inside a workspace. Every time a member creates or updates a server, triggers a deployment, logs in, enables 2FA, or has their access to a resource changed, Devpilot writes an entry you can review, filter, and export.
What gets logged
Each activity log entry records who performed the action, which workspace it happened in, a short title, the resource affected (its type and identifier), the action and event, a description, and additional context (including IP address and user agent when available).
Resources tracked
Activity logs are recorded against these resource types:
- App — created, updated, deleted.
- Project — created, deleted.
- Server — created, updated, deleted.
- Deployment — started, completed, updated, deleted.
- Backup — created, deleted.
- Invitation — cancelled.
- User — logged in, logged out, failed login, password reset requested, 2FA setup initiated, 2FA enabled, 2FA verification successful.
Action vocabulary
The core action set covers: created, updated, deleted, restored, viewed, logged in, logged out, uploaded, downloaded, deployed, backed up, restored backup, scaled, monitored, integrated, disconnected, invited, joined, left, role changed, permission granted, and permission revoked.
Accessing activity logs
Open a workspace and choose Activity Logs from the sidebar.
The activity log interface
Each entry displays:
| Field | Description |
|---|---|
| Timestamp | When the event occurred, with a human-readable relative time. |
| User | The member who performed the action (name, email, avatar). |
| Title / action | The action taken (for example Deployed, Created, Logged in). |
| Event | The specific event (for example Deployment completed). |
| Resource | The resource type (App, Project, Server, Deployment, Backup, Invitation, User). |
| Module | The area the event originated from (workspace, project, app, server, member, user, file, integration). |
| Description | A short description of what happened. |
| IP address / user agent | Where available, captured when the event occurred. |
Entries are tagged as Recent (within the last 24 hours) and Today to make scanning easier.
Filtering
The activity log supports the following filters:
Filter by user
Pick a workspace member from the User dropdown to show only entries performed by that user.
Filter by action
Narrow the list to a single action such as Created, Deployed, Logged in, or Role changed.
Filter by resource
Pick a resource type (and optionally a specific resource) to focus on one item — for example, all entries for a specific App or Server.
Filter by module
Pick a module: workspace, project, app, server, member, user, file, or integration.
Filter by date range
Set a From and To date to limit the list to a specific window.
Search
Enter text to match against titles and descriptions.
Filters can be combined freely.
Statistics and timeline
Two additional views are available from the activity logs page:
- Statistics aggregate entry counts by action, user, module, and resource type for the current filter set.
- Timeline groups entries into buckets you can switch between hour, day, week, or month, so you can see activity spikes over time.
Users view
The Users panel lists workspace members with activity totals, so you can see who has been most active in the selected window. This uses the same filter set as the main list (except for the user filter itself).
Exporting
You can export the current filtered view as a background job.
Apply your filters
Narrow the list to the entries you want to export.
Click Export
Devpilot queues the export and runs it in the background.
Download from the exports page
When the job finishes, download the file from your exports list. The filename records the workspace ID and the filters applied.
The export captures the filter set exactly as applied, plus the user who requested it and the timestamp — useful when you need the export itself to be auditable.
Access audit logs
Activity logs cover the general audit trail. A separate access audit log tracks access-control changes specifically:
- Granted — access was granted to a resource (no previous role, a new role set).
- Revoked — access was removed.
- Modified — the role on an existing access was changed.
Each access audit entry records the target member, the affected resource, the old and new roles, the user who performed the action, the IP address, and the user agent. Workspace members with the View users permission can view and filter this list by member, resource, action, and date range.
Retention
Devpilot prunes old activity log entries on a schedule. Check with your workspace administrator if you need a longer window than the default for compliance reporting, and export regularly if you do.
Best practices
- Check after an incident: filter by the affected resource and a narrow date range to see what changed just before the issue.
- Review new members: look at a new member's first week of activity to confirm they are following team conventions.
- Pair with webhook / hook logs: activity logs answer "what happened in Devpilot?"; hook and webhook logs answer "what happened on the server?".
- Export on a schedule: if you need long-term retention for compliance, queue periodic exports rather than relying on in-app retention.