# Audit Logs

Audit logs record key actions in your Screendesk workspace. Use them for security investigations and compliance (SOC 2, HIPAA, GDPR).

{% hint style="success" %}
This feature is available on the **Enterprise** plan.
{% endhint %}

### Quick start

{% stepper %}
{% step %}

### Open audit logs

Go to **Account Settings → Security → Audit logs**.
{% endstep %}

{% step %}

### Inspect an event

Click an event to see IP, device info, and any before/after values.

<figure><img src="https://3820804400-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FfW6XSzJSKsNyZnOkSJPt%2Fuploads%2FAXMmQcFzC8qN2FKWGnK9%2FCleanShot%202026-02-09%20at%2012.55.58%402x.png?alt=media&#x26;token=172305ac-5d61-461a-8301-29f28ea22b69" alt=""><figcaption></figcaption></figure>
{% endstep %}
{% endstepper %}

### Explore audit logs

Audit events are grouped into categories like authentication, data access, and admin actions. Use filters to narrow results by user, severity, status, or date range.

<table data-view="cards"><thead><tr><th>Topic</th><th data-card-target data-type="content-ref">Page</th></tr></thead><tbody><tr><td>View and filter</td><td><a href="audit-logs/export-and-retention">export-and-retention</a></td></tr><tr><td>Export and retention</td><td><a href="audit-logs/view-and-filter-audit-logs">view-and-filter-audit-logs</a></td></tr><tr><td>Webhooks / SIEM</td><td><a href="audit-logs/webhooks-and-siem-delivery">webhooks-and-siem-delivery</a></td></tr><tr><td>Integrity and event reference</td><td><a href="audit-logs/integrity-and-event-reference">integrity-and-event-reference</a></td></tr></tbody></table>

### FAQ

<details>

<summary>Can I edit or delete audit logs?</summary>

No. Audit logs are immutable by design.

</details>

<details>

<summary>Do audit logs count against storage?</summary>

No. They do not impact recording storage.

</details>

<details>

<summary>Can I disable audit logging?</summary>

No. On Enterprise, logging is always on.

</details>