Audit logs

See what your users are doing.


Audit logs are only available on Business and Enterprise plans.

Retool automatically stores information about how your internal tools are used. These logs can be accessed only by admins. So if you're curious why somebody's account is deactivated, when it was done, and who it was done by... look no further! All of those details are automatically logged.

Logged events

By default, we log the following events in your Retool audit log:

  • Running queries (QUERY_RUN)
  • Page views (PAGE_VIEW)
  • User events:
    • Logins (LOGIN)
    • Logouts (LOGOUT)
    • Sign ups (SIGN_UP)
    • Redeeming an invite (REDEEM_INVITE)
    • Inviting users (INVITE_USER)
  • Group events:
    • Creating groups (CREATE_GROUP)
    • Updating groups (UPDATE_GROUP)
    • Deleting groups (DELETE_GROUP)
    • Adding users to groups (ADD_USERS_TO_GROUP)

To access it, visit /audit. You can see a list of all the events, the user who performed them, and the time. You can also drill down further to see more details - including the actual query that was ran, the parameters that were passed in, the IP address, response time, etc.

Retool retains audit log data for at least one year.

Hiding parameters from logs

You can hide parameters from logs by specifying it on a per-query basis. See here for more details.

To prevent all headers in queries from getting added to audit logs, enable the HIDE_ALL_HEADERS_IN_AUDIT_LOG_EVENTS environment variable (on-prem deployments only)

Querying audit logs via SQL

This is only enabled on on premise deployments. If you're interested in an on-prem deployment, please reach out.

Did this page help you?