Audit Logs & Reporting
Every action in Privacy Labs is logged for compliance and audit purposes. Export logs for legal review or share with external auditors.
What Gets Logged
The audit log captures all compliance-relevant events:
Consent Events
- • Consent given (with categories and timestamp)
- • Consent withdrawn
- • Consent preferences updated
- • Identity linked to consent record
DSR Events
- • Request submitted
- • Request assigned to operator
- • Status changed (pending → in progress → resolved)
- • Notes added
- • Request closed
Configuration Events
- • Banner settings updated
- • Cookie categories modified
- • Team member added/removed
- • Role permissions changed
Security Events
- • User login/logout
- • Failed login attempts
- • Password changes
- • API key generated/revoked
Log Entry Format
Each log entry contains:
| Field | Description |
|---|---|
| timestamp | ISO 8601 timestamp (IST) |
| action | Event type (e.g., CONSENT_GIVEN, DSR_CREATED) |
| actor | User or system that performed the action |
| target | Resource affected (consent record, DSR, config) |
| ip_address | IP address of the actor |
| metadata | Additional context (old/new values, etc.) |
Filtering Logs
Use filters to find specific events in the dashboard:
Date range Event type Actor Resource ID
Exporting Logs
CSV Export
Download filtered logs as CSV for spreadsheet analysis or external tools.
JSON Export
Export as JSON for programmatic processing or integration with SIEM tools.
Log Retention
Default: 7 years
Audit logs are retained for 7 years to meet DPDP Act requirements. Logs are immutable and cannot be deleted.
Sharing with Auditors
Create time-limited, read-only access for external auditors:
- Generate auditor invite from Settings → Audit Access
- Set expiry date (7, 30, or 90 days)
- Auditor sees read-only view of logs and compliance reports
- Revoke access anytime