Home / Launchpad / Documentation

Audit Log

The audit log provides a centralized, immutable record of key actions and error events across your Launchpad portals. It helps security, operations, and compliance teams understand who did what, when, and where in your environment.

Scope of the audit log

The audit log is focused on administrative actions and system errors that affect your portal configuration, access, and stability. High‑volume tracing or performance metrics should be handled by your observability stack.

What is recorded

The audit log captures two primary categories of events:

  • Activity events — configuration changes and user actions, for example:
    • Creating, updating, or deleting API Products
    • Creating or updating Teams and members
    • Changes to RBAC roles or permissions
    • SSO, SMTP, or integration configuration changes
    • Page Builder publishes and unpublishes
  • Error events — failures or unexpected conditions detected by the platform, for example:
    • Failed login attempts or rejected SSO assertions
    • API Product or subscription provisioning failures
    • External integration errors (Apigee, email, etc.)
    • Unexpected server errors returned by the management APIs

Each event includes a timestamp, actor (user or system), event type, summary, and a structured payload with contextual metadata, such as affected resources, request identifiers, and error details when applicable.

Viewing the audit log

To access the audit log in the management console:

  1. Navigate to Workspace → Configuration → Audit Log in the left‑hand navigation.
  2. Use the search bar to filter by keyword, user, or resource identifier.
  3. Apply filters for event type (Activity vs Error), severity, or time range.
  4. Select an individual entry to see the full JSON payload and any related links.

Correlating events

Most events include a requestId or correlationId field. Use this to correlate entries with your existing logs or APM tools.

Permissions and access control

Access to the audit log is controlled by RBAC. In most deployments, only workspace administrators and security roles can view all audit entries.

  • Administrator — full access to all audit log entries within the workspace, including error payloads.
  • Developer/Standard users — no access by default, unless explicitly granted through a custom role.

If you created a custom Audit Viewer role in your environment, ensure it is granted read‑only permissions to audit events but not to the underlying configuration resources.

Best practices

  • Regularly review audit logs for suspicious activity or repeated failures.
  • Integrate audit exports into your SIEM or security monitoring tools where appropriate.
  • Use the audit log during incident response to reconstruct timelines of changes and failures.
  • Document which teams are responsible for reviewing and actioning audit findings.

For guidance on mapping audit events to your organization's security and compliance controls, contact your Centauri account team.

Ready to deploy your portal?

Book a 20-minute walkthrough and see Launchpad running with your Apigee environment.

Book a Demo View Pricing