Audit Log
Last Updated: 2026-04-20
The audit log is the who-did-what record for your business. Every important change — a role update, a released number, a subscription change — is recorded with the actor, timestamp, and before/after values.
Use the audit log for:
- Compliance — SOC 2, HIPAA, GDPR processors all expect activity logs
- Debugging — "who changed the greeting yesterday?"
- Security incident response — trace unusual actions
Requires Admin or Super Admin role.
Opening the audit log
- Go to Settings
- Click Audit Log in the left nav (or Settings → Audit Log)
You'll see a table of recent events, most recent first.
What's logged
| Category | Examples |
|---|---|
| Agents | Created, updated, deleted, instructions edited, status changed |
| Numbers | Purchased, imported via SIP, assigned, released |
| Team | Member invited, role changed, removed |
| Integrations | Connected, disconnected, assigned to agent |
| Settings | Business info changed, retention updated, notification defaults changed |
| Billing | Plan upgraded / downgraded, payment method changed |
| Requests | Status changes, assignment changes (only when admin-driven) |
| Data | Export requested, bulk delete requested |
Routine read events (viewing a request, listening to a recording) are not logged.
Each entry shows
- Actor — the team member who performed the action (or
systemfor automated jobs) - Action — what they did (
agent.update,number.release, etc.) - Target — the object affected (agent ID, number, etc.)
- Before / After — changed fields with old and new values
- Timestamp — in your personal timezone
- IP address — where the action came from
Filtering
Use the filters above the table:
- Date range — default is last 30 days
- Actor — filter by team member
- Action type — e.g., show only
number.*events - Target — paste an ID to see everything touching one object
Retention
Audit log entries are retained for 3 years (1095 days) by default. Mylla
enforces that retention automatically with the daily
/api/cron/audit-retention job. If legal or compliance policy requires a
different period, update AUDIT_LOG_RETENTION_DAYS and the matching security
docs together so the configured value stays aligned with the documented
standard.
Exporting
- Apply any filters you want
- Click Export CSV
The CSV includes all columns above. Use it for compliance reviews or load it into your SIEM.
What to watch for
Regularly review:
- Role promotions — did anyone get Admin or Super Admin who shouldn't have?
- Integration disconnects — did a connection break that you now need to repair?
- Off-hours activity — logins / changes from unusual times or locations
Permissions
| Action | Super Admin | Admin | Member |
|---|---|---|---|
| View audit log | ✅ | ✅ | ❌ |
| Export CSV | ✅ | ✅ | ❌ |
| Change retention | ✅ | ❌ | ❌ |