OtesseOtesseDocs

Activity Logs

Otesse maintains a comprehensive audit trail of all actions taken in the system. Activity logs are essential for accountability, troubleshooting, and compliance.

What Is Logged

Every significant action creates a log entry:

CategoryExamples
AuthenticationLogin, logout, password change, MFA setup
BookingsCreated, updated, cancelled, rescheduled, status changes
CustomersCreated, updated, merged, deactivated
InvoicesGenerated, sent, voided, paid, refunded
UsersInvited, role changed, deactivated, permissions updated
SettingsCompany settings changed, branding updated, integrations modified
ZonesCreated, boundaries updated, pricing changed
TemplatesEmail/SMS templates created, edited, activated, deactivated

Log Entry Structure

Each log entry contains:

  • Timestamp — Exact date and time of the action (in your business time zone)
  • User — Who performed the action (name and ID)
  • Action — What was done (e.g., "booking.created", "user.role_changed")
  • Entity — What was affected (e.g., "Booking #1234", "User john@example.com")
  • Details — Specific changes (old value vs new value where applicable)
  • IP address — The IP address from which the action was performed
  • User agent — Browser/device information

Viewing Logs

Navigate to Settings > Activity Logs to access the log viewer.

Filtering

Filter logs by:

  • Date range — Select start and end dates
  • User — Filter by who performed the action
  • Action type — Filter by category (bookings, invoices, settings, etc.)
  • Entity — Search for a specific record
  • Search — Free-text search across log entries

Exporting

Export filtered logs as CSV for external analysis or compliance reporting:

  1. Apply your desired filters
  2. Click Export
  3. Choose date range and fields to include
  4. Download the CSV file

Retention

Activity logs are retained for:

  • Standard plan — 90 days
  • Professional plan — 1 year
  • Enterprise plan — 3 years (or custom retention based on compliance needs)

Logs older than the retention period are automatically archived. Archived logs can be requested from support for compliance purposes.

Best Practices

  • Regular review — Check logs weekly for unusual activity (login attempts from unknown IPs, bulk deletions, permission changes)
  • Incident response — When investigating an issue, start with the activity log to understand the timeline of events
  • Compliance — Activity logs support SOC 2 and similar compliance frameworks that require audit trails
Notification Settings