Product tier: Available to Expert subscription tier with audit log add-on

Audit log offers a record of important events in your Greenhouse Recruiting environment from the previous 30 days. We've collected answers to a few commonly asked questions about audit log.

What data is retained in audit log?

Audit log records important events from your Greenhouse Recruiting environment from the previous 30 days. Check out the audit log event glossary for detailed information on the events that are logged.

How long is data retained in audit log?

Audit log retains data from the previous 30 days. This standard retention period allows you to respond to recent events and scrutinize anomalous activity. You can copy data over time to your own resources as necessary to create a longer paper trail.

How do I copy data to my own resources to build a longer paper trail?

Audit log provides a record of changes from the previous 30 days, but you can construct a longer paper trail using your own data storage resources. 

  • Business Intelligence Connector: With Redshift, make audit log SQL queries once per 30 days, then move the payload into your enterprise data warehouse for storage to create a longer paper trail. With S3, just copy the file every 30 days to create a rolling record in your storage.
  • Audit log API: Save your payloads to a data warehouse. You can make a query with the paging query parameter set to true to recover all your data. Then the next time you make a request, to avoid duplicate data use the paging query parameter set to true in conjunction with the after_time query parameter set to {ISO-8601 format date and time of last query}.

How is audit log different from change log or activity feed?

Unlike change log or activity feed in Greenhouse Recruiting, audit log is comprehensive and allows for the programmatic retrieval and analysis of data from the previous 30 days. You'll find event metadata, API key usage, and other data that isn't included in change log. Additionally, audit log is delivered directly to your S3 or Redshift environment with Business Intelligence Connector, or in real-time via audit log API, allowing your team to manipulate and transform data at scale in outside systems like third-party security monitoring apps or data development tools.

Why am I not seeing any data in audit log?

Audit log will retain up to 30 days of data starting from the time that it's enabled for an organization.

Does audit log include intrusion detection?

No, audit log doesn't offer any alarm or intrusion detection. Audit log is a rolling record of changes from Greenhouse Recruiting which can be connected to a third-party security monitoring app or data development tool for further investigation.

Why can't I see before and after details on an event?

Most audit log events consist of multiple logs in audit log. If you want to investigate an event further, use the event's request_id to find linked audit log entries containing event details. The entries linked by request_id will include event meta as before and after values or other important details about the event. However, some events, like those containing sensitive data, long-text fields, or custom fields, won't include these details. Learn more about what to expect with audit log.

Why isn't an event included in audit log?

Check the audit log event glossary for details on which events are included in audit log.