CoherenceCOHERENCE

Audit Log

Track every action in your workspace with a tamper-proof audit trail

The Audit Log provides a complete, tamper-proof record of every action taken in your Coherence workspace — by users, AI agents, automations, and the system itself.

What Gets Logged

Actor TypeExamples
UsersCreating records, editing fields, deleting contacts, sending emails
AI AgentsTool calls, record creation, document drafts
AutomationsWorkflow triggers, automated field updates
SystemScheduled jobs, data retention, system events

Each log entry includes:

  • Who performed the action (user, agent, or system)
  • What action was taken (create, update, delete, view, etc.)
  • Which resource was affected (record type and ID)
  • When it happened (timestamp)
  • What changed (before/after field values as a JSON diff)
  • Context (IP address, user agent, request metadata)

Viewing the Audit Log

  1. Navigate to Admin > Audit Log in the sidebar
  2. Use filters to narrow by actor, action type, resource type, or date range
  3. Click any entry to see the full change details

Exporting

Click Export CSV to download the current filtered view as a spreadsheet. Useful for compliance reporting and external audits.

Integrity Verification

Every audit log entry is part of a SHA-256 hash chain. Each entry's hash includes the previous entry's hash, creating a tamper-evident chain.

To verify integrity:

  1. Go to Admin > Audit Log
  2. Click Verify Integrity in the toolbar
  3. Coherence checks the hash chain and reports any broken links

If the hash chain is broken, it means an entry was modified or deleted outside of normal operations. This is flagged immediately during verification.

Retention Policy

By default, audit log entries are retained for 90 days. Admins can configure a custom retention period:

  1. Go to Admin > Audit Log
  2. Open Retention Policy in settings
  3. Set your desired retention period (30–365 days or unlimited)

Entries older than the retention period are automatically purged by a daily background job.

PHI Masking

For workspaces handling sensitive data (healthcare, finance), you can configure PHI masking rules. These automatically redact specific fields in audit log entries before they are stored.

  1. Go to Admin > Audit Log > PHI Masking Rules
  2. Create rules specifying which fields to mask
  3. Rules are applied during the batched write process — masked data is never stored in plaintext