Audit logs

See what your users are doing.


Audit logs are only available on Business and Enterprise plans and require administrator permissions.

Retool automatically logs actions like running queries and deactivating users. The logs include the user's name, the action taken, and when the action took place. To access audit logs, click your user name in the top right corner of any page and select Audit logs.

Viewing audit logs

Logged events

By default, we log the following events in your Retool audit log:

  • Running queries (QUERY_RUN)
  • Page views (PAGE_VIEW)
  • User events:
    • Logins (LOGIN)
    • Logouts (LOGOUT)
    • Sign ups (SIGN_UP)
    • Redeeming an invite (REDEEM_INVITE)
    • Inviting users (INVITE_USER)
  • Group events:
    • Creating groups (CREATE_GROUP)
    • Updating groups (UPDATE_GROUP)
    • Deleting groups (DELETE_GROUP)
    • Adding users to groups (ADD_USERS_TO_GROUP)
    • Removing users from groups (REMOVE_USERS_FROM_GROUP)

To access it, visit /audit. You can see a list of all the events, the user who performed them, and the time. You can also drill down further to see more details - including the actual query that was ran, the parameters that were passed in, the IP address, response time, etc.

Retool retains audit log data for at least one year.

Hiding parameters from logs

You can hide parameters from logs by specifying it on a per-query basis. See here for more details.

To prevent all headers in queries from getting added to audit logs, enable the HIDE_ALL_HEADERS_IN_AUDIT_LOG_EVENTS environment variable (on-prem deployments only)

Querying audit logs via SQL

This is only enabled on on premise deployments. If you're interested in an on-prem deployment, please reach out.