Get Started

Audit Logs

Export a timeline of material actions performed by your organization.

Admins of teams with an Organization or Enterprise plan can export a CSV audit log of material events that occurred in the team over a specified time frame.

Export your audit log data in the Render Dashboard from the Audit Logs section of your Team Settings page:

UI for exporting audit logs

Availability of audit log data

  • Render begins retaining audit log data for your team as soon as you upgrade to an Organization or Enterprise plan.
    • Event data from prior to upgrading is not available.
  • If your Organization or Enterprise plan started before June 24, 2024, audit log data is available from that date onward.
  • Whenever Render adds a new audit log event type, tracking for that event begins on the date of the event’s introduction.

Audit log format

You can export your audit log data as a chronologically ordered CSV file with a separate row for each distinct event. The file includes the following columns:

ColumnDescription

timestamp

The UTC timestamp when the event occurred.

actor

The entity that performed the action. Depending on the type of actor, this value has one of two formats:

  • The email address of the existing Render user that performed the action (e.g., person@example.com)
    • This is the most common actor type and format.
  • The ID of the deleted Render user that performed the action (e.g., Deleted User ID#123123123)

event

The type of event that occurred.

status

Indicates whether the event’s associated action succeeded. One of the following values:

  • success
  • error

metadata

A JSON object containing additional details about the event.

The fields of this object vary depending on the event type.

Event types

Each event in your audit log corresponds to a specific action or change to your Render team’s resources. The following sections list tracked event types and provide a brief description of each.

Member management

Event NameDescription
InviteToTeamEvent

A user was invited to the team.

RemoveUserFromTeamEvent

A user was removed from the team.

AcceptTeamInviteEvent

An invitation to join the team was accepted.

ChangeTeamMemberRoleEvent

A team member’s role was changed.

ChangeTeamAllowedLoginMethodsEvent

The team’s set of allowed login methods was changed.

Currently, a team can either allow all Render-supported login methods or require login via Google account.

ChangeTeam2FAEnforcementEvent

Two-factor authentication (2FA) enforcement was enabled or disabled for the team.

LoginEvent

A team member logged in.

LogoutEvent

A team member logged out.

Apps & services

Render does not log events for services belonging to a service preview or preview environment.
Event NameDescription
CreateServerEvent

A web service, private service, background worker, or static site was created.

SuspendServiceEvent

A web service, private service, background worker, or static site was suspended.

ResumeServiceEvent

A previously suspended web service, private service, background worker, or static site was resumed.

DeleteServerEvent

A web service, private service, background worker, or static site was deleted.

StartShellEvent

A service was accessed via SSH, either from the command line or from the the service’s Shell page in the Render Dashboard.

ApplyBlueprintEvent

A new Blueprint was created and applied to the team.

CreateCronJobEvent

A cron job was created.

DeleteCronJobEvent

A cron job was deleted.

Datastores

General

Event NameDescription
UpdateIPAllowListEvent

The IP allow list for a PostgreSQL database or Redis instance was updated.

PostgreSQL

These events are logged only for primary PostgreSQL databases, not for high availability standby instances or read replicas.
Event NameDescription
CreatePostgresEvent

A PostgreSQL database was created.

DeletePostgresEvent

A PostgreSQL database was deleted.

SuspendPostgresEvent

A PostgreSQL database was suspended.

ResumePostgresEvent

A previously suspended PostgreSQL database was resumed.

DownloadDatabaseBackupEvent

A backup of a PostgreSQL database was downloaded.

Redis

Event NameDescription
CreateRedisEvent

A Redis instance was created.

DeleteRedisEvent

A Redis instance was deleted.

Persistent disks

Event NameDescription
CreateServerDiskEvent

The persistent disk for a web service, private service, or background worker was created.

DeleteServerDiskEvent

The persistent disk for a web service, private service, or background worker was deleted.

RestoreDiskSnapshotEvent

The persistent disk for a web service, private service, or background worker was restored to a snapshot.

Environment variables

Event NameDescription
UpdateEnvVarsEvent

One or more existing environment variables were modified for a service.

CreateEnvVarsEvent

One or more environment variables were created for a service.

DeleteEnvVarsEvent

One or more environment variables were deleted for a service.

Projects & environments

Event NameDescription
CreateProjectEvent

A project was created.

This event is always accompanied by one CreateEnvironmentEvent event, because every project is created with a default environment.

DeleteProjectEvent

A project was deleted.

This event is always accompanied by at least one DeleteEnvironmentEvent event, because deleting a project also deletes all of its associated environments.

CreateEnvironmentEvent

A project environment was created.

DeleteEnvironmentEvent

A project environment was deleted.

MoveEnvironmentResourceEvent

A resource (such as a service or environment group) was moved into or out of a project environment.

ChangeEnvironmentProtectionEvent

Protected access was enabled or disabled for a project environment.

History of audit log event changes

DateChange
2024-06-24Added initial set of event types.