Where is the Audit Log?

Web: Settings > Security > Audit Log. It is available to owners and managers. Staff cannot open the global Audit Log.

How is Audit Log different from Activity Feed?

Activity Feed shows notifications and work that needs attention. Audit Log records important changes and decisions for investigation.

Who can export audit data?

Owners can copy a summary or export CSV. Managers can view the global Audit Log but cannot export or copy the owner summary.

Audit Log

Last updated 20 June 2026

Audit Log

Audit Log is the owner and manager record of important venue changes. Use it when you need to investigate what happened, who acted, when it happened, and which booking, order, client, shared device, or AI action was involved.

Find it on web at Settings > Security > Audit Log.

Audit Log vs Activity Feed

Surface	Use it for	Who sees it
Activity Feed	Notifications, unread items, and work that needs attention now.	Staff see targeted items. Owners and managers see venue-wide activity.
Audit Log	Investigation and accountability for important changes and decisions.	Owners and managers only.

Audit Log is not another notification feed. It does not replace unread counts, push notifications, or action prompts.

What's included

Audit Log includes high-risk write and lifecycle events such as:

Checkout completion and payment-attempt history.
Booking history from existing booking audit records.
Shared-device claim, revoke, unregister, and rename events.
AI booking-concierge settings, approvals, rejects, blocked actions, executed actions, and thread pause/resume controls.
Selected legacy AI and conversation lifecycle rows where the source has safe venue-scoped audit data.

Each row shows the time, actor, source, category, action, object, and summary. AI rows include lifecycle, execution mode, trace/cost references where available, risk tier, and confidence.

Details and redaction

Open a row to see the detail drawer. The drawer may show before/after snapshots, linked records, customer-facing AI output, request metadata, and redaction notes.

Audit Log does not expose hidden prompts, system prompts, model reasoning, provider request bodies, secrets, full payment card data, or raw private payloads that are not safe for owner-facing review.

Export and copy

Owners can copy a text summary or export CSV from the Audit Log. Managers can view and filter the log but cannot copy the owner summary or export CSV.

CSV exports are designed for investigation handoff. They include list-level fields and AI lifecycle metadata, but not raw JSON payloads.

The Audit Log opens on the last 14 days by default to keep investigations fast and infrastructure usage predictable. Use 30-day or 90-day ranges only when the investigation needs older events. Copy summaries are capped to the first 100 matching events and CSV exports are capped to the first 500 matching events.

Group admin note

Current Audit Log access is venue-scoped. Future group-level audit views must use the existing group admin console rollout gate and group allowlist before exposing cross-location audit reads.

Audit Log

Last updated 20 June 2026

Audit Log

Find it on web at Settings > Security > Audit Log.

Audit Log vs Activity Feed

Surface	Use it for	Who sees it
Activity Feed	Notifications, unread items, and work that needs attention now.	Staff see targeted items. Owners and managers see venue-wide activity.
Audit Log	Investigation and accountability for important changes and decisions.	Owners and managers only.

Audit Log is not another notification feed. It does not replace unread counts, push notifications, or action prompts.

What's included

Audit Log includes high-risk write and lifecycle events such as:

Checkout completion and payment-attempt history.
Booking history from existing booking audit records.
Shared-device claim, revoke, unregister, and rename events.
AI booking-concierge settings, approvals, rejects, blocked actions, executed actions, and thread pause/resume controls.
Selected legacy AI and conversation lifecycle rows where the source has safe venue-scoped audit data.

Each row shows the time, actor, source, category, action, object, and summary. AI rows include lifecycle, execution mode, trace/cost references where available, risk tier, and confidence.

Details and redaction

Open a row to see the detail drawer. The drawer may show before/after snapshots, linked records, customer-facing AI output, request metadata, and redaction notes.

Audit Log does not expose hidden prompts, system prompts, model reasoning, provider request bodies, secrets, full payment card data, or raw private payloads that are not safe for owner-facing review.

Export and copy

Owners can copy a text summary or export CSV from the Audit Log. Managers can view and filter the log but cannot copy the owner summary or export CSV.

CSV exports are designed for investigation handoff. They include list-level fields and AI lifecycle metadata, but not raw JSON payloads.

Group admin note

Current Audit Log access is venue-scoped. Future group-level audit views must use the existing group admin console rollout gate and group allowlist before exposing cross-location audit reads.