Platform > Security, Governance + Hosting Layer > Audit Trails + Logs
Audit trails + logs.
Every action, every execution, every change - logged with full context, immutably, from the moment data enters the platform to the moment it produces an output.
CAPABILITY OVERVIEW
A complete record of everything that happened.
Rayven's audit trails + logs capability captures a complete, immutable record of every event across the platform - workflow executions with full payload history, user login events, configuration changes, data access events, approval decisions + AI agent interactions.
Records are stored in Cassandra with immutable timestamps, queryable via the Inspect Data tab + exportable via Node Export for compliance reporting.
Every event is timestamped, user-stamped + context-stamped - providing the evidence organisations need for regulatory compliance, security investigation + operational governance.
Audit records captured include:
-
All workflow execution events (full payload state at every node)
-
User login events + session activity
-
Platform configuration changes (who changed what, when)
-
Data access events (queries, exports + API calls)
-
Approval decisions + exception handling outcomes
-
AI agent actions + LLM interaction history
KEY CAPABILITIES
What Audit Trails + Logs gives you.
Complete workflow execution history
Every workflow execution is stored in Cassandra with full payload content, node-by-node state + timestamp. The Inspect Data tab surfaces payload detail at any node for any execution. The complete execution history is queryable by UID, date range + workflow - for debugging, compliance + root-cause analysis.
Immutable audit records
All audit records are stored in Cassandra with immutable timestamps. Records cannot be edited or deleted by platform users. Immutability supports regulatory requirements for tamper-evident audit evidence - records accurately reflect what occurred.
User action logging
All user login events, configuration changes, data access events + control actions are logged with user identity + timestamp. User action logs provide a complete picture of who accessed what, when + what they changed.
Configuration change tracking
All changes to workflow configuration, application settings, governance policies + user permissions are logged with before/after state, user identity + timestamp. Configuration audit trails support change management + rollback investigation when issues follow a deployment.
Data export + compliance reporting
Audit records are exportable via Node Export for any time range. Exportable data supports compliance evidence packs, regulatory submissions + internal audit processes. Scheduled exports can be configured for automated distribution to compliance teams.
AI interaction logging
All AI agent actions, LLM connector inputs + outputs, and conversational analytics queries are logged with user identity, timestamp + data scope. AI interaction logs support governance reviews, accuracy audits + compliance requirements for regulated AI deployments.
HOW IT CONNECTS: EXPLAINER
Where Audit Trails + Logs fit in the Rayven Platform stack.
Audit Trails + Logs capture activity across every other layer of the platform as a unified, immutable record.
-
Integration Layer: all data ingestion events, connector authentication + API calls are logged.
-
Data Layer: all workflow executions storing data to Cassandra + MySQL are recorded in full.
-
Execution Layer: every workflow execution, AI action + automated output is logged with complete payload context.
-
Presentation Layer: all user interactions with dashboards, approval forms + control widgets are captured.
-
Security Layer: all login events, permission changes + configuration modifications are part of the audit trail.
USE CASES
How Audit Trails + Logs get used.
Compliance audit for a regulated industrial operator
A mining operator's compliance team produces quarterly audit evidence covering all data processing events, user access activity + automated action history. Audit records are exported from Rayven via Node Export, filtered by date range + category. The complete, immutable, timestamped record satisfies the auditor's requirements without manual log aggregation.
Security investigation following an unexpected system action
A platform administrator investigates an unexpected API call that fired from a Rayven workflow during off-hours. The Audit Trails + Logs capability surfaces the exact execution record - including the trigger event, payload content + user or system that initiated the workflow. Root cause is identified within minutes.
Partner providing audit evidence to enterprise clients
An MSP operating a white-label platform provides per-client audit evidence on request. Label-based audit record filtering produces a client-specific export covering their data processing, user access + automated action history - without accessing another client's records.
Rayven Audit Trails + Logs FAQs:
What does the Rayven audit trail record?
Rayven logs all user actions including logins, data reads and writes, configuration changes, workflow modifications, and API calls. Each event is captured with a timestamp, user identity, affected resource, and the before and after state of any change. See the Security Layer.
How long are audit logs retained?
Audit log retention is configurable per deployment. Rayven supports extended retention periods to meet regulatory requirements, and older logs can be archived to external storage for long-term compliance. See Governance + Controls.
Can audit logs be exported for compliance reporting?
Yes. Audit logs can be exported in CSV or JSON format and can be forwarded to external compliance or SIEM tools via webhook. Scheduled exports can be configured for regular reporting cycles. See API Endpoints.
Are user login and logout events logged?
Yes. All authentication events - including successful logins, failed attempts, logouts, and session timeouts - are recorded with a timestamp and source IP address. See Enterprise Security.
Can I see which user changed a specific record or configuration?
Yes. The audit trail is searchable by user, resource type, and time range. You can filter to see every action taken on a specific record, table, workflow, or configuration item. See Users, Roles + Access.
Are failed access attempts recorded?
Yes. Failed login attempts, permission denials, and blocked API requests are all captured in the audit log. This data helps detect brute-force attempts or misconfigured access policies. See Enterprise Security.
Can audit logs be searched or filtered?
Yes. The audit log interface provides full-text search and filter options by user, event type, date range, and resource. Results can be paginated and exported on demand. See Security Layer.
Are audit logs tamper-proof?
Yes. Audit log entries are write-once - no user, including administrators, can edit or delete individual log records. This ensures the integrity of the audit trail for compliance and forensic purposes. See Governance + Controls.
Does Rayven log API access events?
Yes. Every API call - including the endpoint, method, response code, and authenticated identity - is recorded. This provides visibility into integration activity and helps diagnose issues. See API Endpoints.
Can external SIEM tools consume Rayven audit data?
Yes. Rayven can forward audit events to external SIEM and log management platforms via webhook or scheduled export. Common integrations include Splunk, Microsoft Sentinel, and Datadog. See Prebuilt Connectors.
Also in Security, Governance + Hosting:
White Labelling
Custom domain, branding, colour palette + multi-tenant configuration for client-facing applications.
Deployment + Architecture
SaaS, private cloud, on-premise + Edge deployment options with identical functionality across all models.
Users, Roles + Access
Role-based access control, SSO, MFA + workspace-level permission management across all users.
Usage + Metrics
Real-time visibility of platform usage, workflow performance, data volumes + resource consumption.
Enterprise Security
Encryption at rest + in transit, network segmentation, secrets management + compliance-ready governance.
Governance + Controls
Data retention policies, deployment controls, rate limits + environment isolation across the platform.
Hosting + Management
Managed cloud hosting on AWS + Azure, SLA-backed uptime, automated backups + disaster recovery across all deployment types.
Want to discuss your hosting requirements?
Tell us where your data needs to live and we will walk you through the right deployment option for your environment.
Join the Shift
Discover the easy way to do something new.
Book a free 30 minute assessment with our team and we'll scope your project, needs + what a solution might look like.