Audit Log¶
The Audit Log records every change made to your school's data — who made it, when, and what changed. It is available to administrators in Settings → Audit Log.
What gets logged¶
The audit log captures mutations only. Read operations are never logged. The following actions appear as entries:
User access changes
- Approving a new user request
- Rejecting an access request
- Changing a user's role
- Removing a user's access
- Transferring the Primary Admin designation
Course catalog changes
- Creating or updating a course (includes a field-by-field diff of what changed)
- Editing a single course field inline
- Toggling a course active/inactive
- Deleting a course
Teacher roster changes
- Creating or updating a teacher (includes a field-by-field diff of what changed)
- Toggling a teacher active/inactive
Settings changes
- Saving school configuration (includes a field-by-field diff of what changed)
- Saving the color theme
- Creating or updating a requirement group
- Creating or updating a student type
Schedule operations
- Promoting a schedule version to active
- Archiving a schedule version
- Locking or unlocking a schedule
- Deleting a schedule or validation session
Bulk data imports
- Course catalog import
- Teacher roster import
- Student types and requirement groups import
Reverts (see Undoing a change)
- Reverting a course field edit, course save, teacher save, or school configuration save
Support access (see Support Access)
- Requesting support access
- Cancelling a support access request
- A support engineer starting or ending a support access session
Log levels¶
Each entry has a severity level that reflects the potential impact of the action:
| Level | Meaning |
|---|---|
| Critical | High-impact change, such as approving the first admin, transferring primary admin, or any Support Access activity |
| Warning | Potentially significant change to access or data, such as role changes or user removal |
| Info | Routine operations such as schedule promotions and bulk imports |
Reading the log¶
Each entry shows:
- Time — when the action occurred
- Level — severity badge
- Action — a machine-readable identifier such as
user_approvedorschedule_promoted - By — the email address of the person who took the action
- Role — the role the user held at the time
Select ▼ detail on any entry to expand the full context object, which includes the specific records affected. For data-change entries such as course_saved or teacher_saved, the detail includes a changes map showing the before and after value for every modified field.
Undoing a change¶
Some entries display an ↩ Undo button. Clicking it reverts the affected fields to their previous values and writes a new _reverted entry to the log so the revert is itself audited.
Undo is available for:
- Single-field inline course edits (
course_field_edited) - Course saves that updated an existing course (
course_saved) - Teacher saves that updated an existing teacher (
teacher_saved) - School configuration saves (
school_config_saved)
Undo is not available for creates, deletes, user management changes, schedule operations, or bulk imports. Those actions require deliberate manual intervention.
Undo only reverts the logged fields
Because undo targets only the specific fields recorded in that entry, any modifications made after the entry to different fields are left untouched. However, if the same fields were modified again after this entry, undoing it may produce an unintended state that never existed before.
The confirmation dialog will warn you if newer log entries touched the same fields, and will list those entries so you can review them first.
Filtering¶
Use the filter bar to narrow entries by:
- Free text — matches against action name, email, and detail content
- Level — show only Critical, Warning, or Info entries
Use ↺ Refresh to reload the most recent entries. Select Load more at the bottom to page through older entries.
Retention¶
Entries are retained for 13 months and then automatically deleted by Firestore's TTL policy. This covers one full trailing calendar year at any point in time and satisfies GDPR's data minimisation principle for operational audit logs.