Audit Log Troubleshooting

Diagnose audit-log authorization, filtering, pagination, coverage, context, and export issues.

AuthOS release 0.8.2 API v1 Latest-only documentation
Updated Jul 15, 2026 Edit this page
On this page

Start with the endpoint response, then verify the deployed release’s event coverage and the collection logic used by the consuming system.

Symptom guide

Symptom Check Resolution
401 response Authorization header and token validity Send a current organization-management JWT
403 response Caller role Use an organization owner or admin account
Expected record is absent Event coverage, organization scope, action name, and collection time Confirm the release emits that event and remove over-narrow filters
Filter returns no records Exact action value and target-type/target-ID pairing Load event types and use the returned value; pair target ID with target type
Export stops at 100 records Pagination metadata Continue until has_next is false
Actor, date, IP, or success filter seems ignored Supported query parameters Retrieve paginated records and apply those filters client-side
Details are incomplete Event-specific schema and background-job behavior Inspect the event type; IP address and user agent may be null
Compliance export is incomplete Raw page coverage and retention window Re-run a complete paginated export and document the collection boundary

Troubleshooting workflow

  1. Reproduce with a direct request from the endpoint reference.
  2. Confirm organization slug, caller role, and response pagination.
  3. Compare the requested action with the event-types endpoint.
  4. Remove filters, then reintroduce them one at a time.
  5. Verify the source action is covered by the deployed release.
  6. Preserve raw responses before client-side filtering or export transforms.

Original troubleshooting guidance

Troubleshooting:

  • Use audit logs to track configuration changes
  • Compare timestamps with issue reports
  • Check details field for context
  • Verify actor identity for change management