Audit Trails

Audit Trail Overview

OK!Gotcha provides detailed audit trails for all approval-related activities. Every action in the approval workflow is logged with relevant metadata, creating a complete audit trail that can be used for compliance, debugging, and analytics.

What Gets Logged

Approval Requests

Timestamps, requesters, function details, and parameters for all approval requests.

Approval Decisions

Timestamps, approvers, decisions (approve/reject), and any comments provided.

Function Execution

Timestamps, results, execution times, and any errors for approved functions.

Configuration Changes

Changes to approval workflows, approver groups, and notification settings.

Accessing Audit Logs

Dashboard Access

Audit logs are available in the OK!Gotcha dashboard, with filtering and search capabilities to help you find specific events:

https://app.okgotcha.com/audit-logs

API Access

You can also access audit logs programmatically via the API:

import { OkGotcha } from '@okgotcha/sdk';

const ok = OkGotcha();

// Get audit logs for a specific time range
const logs = await ok.getAuditLogs({
  startTime: new Date('2023-01-01'),
  endTime: new Date('2023-01-31'),
  limit: 100,
  offset: 0
});

// Get audit logs for a specific approval
const approvalLogs = await ok.getAuditLogs({
  approvalId: 'apr_12345'
});

Log Structure

Each audit log entry includes:

string

Unique identifier for the log entry.

timestamp

string

ISO-8601 formatted timestamp when the event occurred.

eventType

string

Type of event (e.g., approval.created, approval.approved, function.executed).

actor

object

Information about who performed the action.

Show child attributes

string

User ID of the actor.

type

string

Type of actor (e.g., user, system, api).

resource

object

Information about the resource affected.

Show child attributes

string

Resource ID (e.g., approval ID).

type

string

Resource type (e.g., approval, function).

metadata

object

Additional context-specific information about the event.

Retention and Compliance

Audit logs are retained for a configurable period based on your plan:

Plan	Retention Period
Developer	30 days
Team	90 days
Enterprise	1-7 years (configurable)

For regulated industries, we offer extended retention options and compliance certifications:

SOC 2

SOC 2 Type II compliant audit trail storage

GDPR

GDPR-compliant data handling

HIPAA

HIPAA-eligible for healthcare applications

Export Options

Audit logs can be exported in several formats:

# Export logs to JSON via the API
curl -X GET "https://api.okgotcha.com/v1/audit-logs?startTime=2023-01-01&endTime=2023-01-31" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  > audit_logs.json

Next Steps

Learn about notification options for approval events
Set up flexible workflows for different approval scenarios
Explore integration options for implementing approvals

Get Started

Core Concepts

Integration

Features

Audit Trail Overview

What Gets Logged

Approval Requests

Approval Decisions

Function Execution

Configuration Changes

Accessing Audit Logs

Dashboard Access

API Access

Log Structure

Retention and Compliance

SOC 2

GDPR

HIPAA

Export Options

Next Steps

Get Started

Core Concepts

Integration

Features

​Audit Trail Overview

​What Gets Logged

Approval Requests

Approval Decisions

Function Execution

Configuration Changes

​Accessing Audit Logs

​Dashboard Access

​API Access

​Log Structure

​Retention and Compliance

SOC 2

GDPR

HIPAA

​Export Options

​Next Steps

Audit Trail Overview

What Gets Logged

Accessing Audit Logs

Dashboard Access

API Access

Log Structure

Retention and Compliance

Export Options

Next Steps