FeaturesCSI Teachable Replacement AppUpdated March 15, 2026
Audit Log — Admin Action Recording
Audit Log — Admin Action Recording
Available from: v1.0.81
Overview
The platform records an immutable audit log of significant administrative actions. Every qualifying action performed by an admin is captured as a structured, write-once log entry that cannot be altered or removed. This provides an accountability trail useful for compliance reporting, security investigations, and operational troubleshooting.
Recorded Action Categories
The following admin actions are automatically captured:
| Category | Examples |
|---|---|
| SSO Configuration Changes | Creating, updating, or deleting an identity provider (IdP) connection; modifying SSO attribute mappings |
| Enrollment Modifications | Manually enrolling or unenrolling a learner; changing a learner's enrollment status |
| Course Publishing | Publishing or unpublishing a course |
| Import Job Starts | Initiating a Teachable content import job |
Log Entry Structure
Each audit log entry captures the following fields:
- Timestamp — exact date and time the action occurred (UTC)
- Actor — identity of the admin who performed the action
- Action Type — a categorised label describing what was done (e.g.
sso_config.updated,enrollment.removed,course.published,import_job.started) - Affected Resource — the specific entity that was changed (e.g. course ID, user ID, IdP name)
- Change Detail — a structured summary of what changed (where applicable)
Immutability
Audit log entries are write-once. Once recorded:
- Entries cannot be edited by any admin, including super-admins.
- Entries cannot be deleted through the platform interface or API.
- The log provides a trustworthy, unbroken chain of events suitable for external audit review.
Compliance Use Cases
The audit log is designed to support common compliance and governance requirements:
- SOC 2 (CC6, CC7) — evidence of access control changes and monitoring of privileged actions
- ISO 27001 (A.12.4) — logging and monitoring of system events
- Internal governance — demonstrating that only authorised admins performed sensitive configuration changes
Troubleshooting With the Audit Log
The audit log is equally useful for day-to-day operational troubleshooting:
- Identify which admin published or unpublished a course and when.
- Trace the sequence of SSO configuration changes that preceded an authentication failure.
- Confirm whether an import job was started and by whom.
- Investigate unexpected enrollment changes by reviewing the full modification history for a learner.
Notes
- Audit logging is enabled by default for all tenants from v1.0.81 onwards. No configuration is required.
- Log entries are generated server-side and are not dependent on client-side activity, ensuring completeness even if an admin's session is interrupted.