Audit logs provide complete transparency into all activities in your TenancyDesk account—essential for compliance, security, and dispute resolution.
What Gets Logged
User Activities:
- Login/logout (with IP address)
- Failed login attempts
- Password changes
- 2FA enable/disable
Deal Activities:
- Deal created/updated/deleted
- Status changes
- Document uploads/downloads
- Party additions/changes
- Payment marked received
- Deal assignments
Team Management:
- User invited/removed
- Role changes
- Permission modifications
Settings Changes:
- Billing updates
- Integration connections
- Webhook configurations
- API key generation
Every Log Entry Includes:
- User who performed action
- Action type
- Timestamp (UAE timezone)
- IP address
- Changes made (before/after)
- Associated deal/party/document
Accessing Audit Logs
Path: Settings → Security → Audit Logs
Filters:
- User: See one user's activity
- Action Type: Login, deal.created, document.uploaded, etc.
- Date Range: Last 7 days, 30 days, custom range
- Entity: Specific deal, document, or party
Search: Free text search across all logs
Common Use Cases
1. Security Investigation
- Question: "Who accessed this sensitive deal?"
- Action: Filter by deal ID → See all users who viewed/edited
- Result: Identify unauthorized access
2. Dispute Resolution
- Question: "Tenant claims we never received their visa"
- Action: Search for document uploads → Find upload record
- Result: Proof of receipt with timestamp
3. Accountability
- Question: "Who changed this deal's rent amount?"
- Action: Filter deal → Look for update events
- Result: See exactly who made change and when
4. Compliance Audit
- Question: "Show all GDPR data access for this tenant"
- Action: Filter by party name
- Result: Complete access log for regulators
5. Performance Review
- Question: "How many deals did Fatima create this month?"
- Action: Filter user=Fatima, action=deal.created, last 30 days
- Result: Count of deals created
Exporting Audit Logs
For Compliance/Legal Needs:
Step 1: Apply filters Step 2: Click "Export" Step 3: Choose format:
- JSON - Machine-readable, for analysis
- CSV - Excel-compatible, for spreadsheets
- PDF - Human-readable, for presentations
Export Includes:
- All filtered log entries
- Metadata (export date, user who exported, filters applied)
- Digital signature (for legal validity)
Use Cases:
- RERA audit requests
- Internal compliance reports
- Legal dispute evidence
- Security incident reports
Log Retention
How Long Logs Are Kept:
- Solo Plan: 30 days
- Starter Plan: 90 days
- Pro Plan: 180 days (6 months)
- Enterprise Plan: 365 days (1 year)
Cannot Be:
- Modified (immutable once created)
- Deleted (except after retention period)
- Hidden from Admins
Why Immutable?
- Legal evidence integrity
- Compliance requirements
- Dispute resolution reliability
Security Alerts from Logs
Automatic Alerts:
1. Multiple Failed Logins
- 5 failed attempts from same IP
- Email to all Admins
- IP temporarily blocked
2. Access from New Location
- Login from new country/city
- Email to user: "Was this you?"
- Require 2FA verification
3. Bulk Data Export
- Someone exports 100+ deals
- Email to Admins: "Large export detected"
- Review for data theft
4. Unusual Activity Hours
- Login at 3am (outside business hours)
- Could indicate account compromise
- Alert sent for review
Reading Audit Log Entries
Example Entry:
{
"timestamp": "2026-01-15 14:32:18 GST",
"user": "fatima@propertyfirm.ae",
"action": "deal.updated",
"entity": "DEAL-2026-001234",
"ip_address": "185.123.45.67",
"changes": {
"annual_rent": {
"before": 95000,
"after": 100000
}
},
"user_agent": "Chrome 120.0.0 / Windows 10"
}
What This Shows:
- Who: Fatima (Property Administrator)
- What: Changed annual rent
- When: Jan 15, 2:32pm
- Where: From IP 185.123.45.67 (office location)
- How Much: Increased from AED 95K → AED 100K
- Device: Windows laptop with Chrome
Best Practices
1. Regular Reviews:
- Weekly: Check failed login attempts
- Monthly: Review permission changes
- Quarterly: Export full audit for compliance
2. Investigate Anomalies:
- Login from unexpected location
- Action performed by unexpected user
- Bulk changes to critical data
3. Document Investigations:
- Export relevant logs
- Add investigation notes
- Store in secure location
4. Train Team:
- Explain that all actions are logged
- Encourages accountability
- Deters misconduct
5. Compliance Ready:
- Know how to export logs quickly
- Practice RERA audit scenario
- Keep 7-year archives (Enterprise)
Next Steps
- Access audit logs now (familiarize yourself)
- Practice filtering and searching
- Export a test report (try JSON, CSV, PDF)
- Schedule monthly audit log review
Was this guide helpful?
Ready to put this into practice?
Start your 14-day free trial and apply what you've learned.
Start Free Trial