Overview
CircleCI audit logs capture important activities and changes within your CircleCI organization. This reference guide lists common and important events you may encounter in your audit logs.
Note: This list is not comprehensive, and you may see additional action types logged that are not represented below.
Account Management Service (AMS)
ams.invitation.accepted- User accepted an invitation to join an organizationams.invitation.created- Invitation sent to a user to join an organizationams.invitation.revoked- Organization invitation was revoked or cancelled
Audit Log Management
audit_log.download_url.generated- Download URL created for audit log exportaudit_log.requested- Audit log data was requested for viewing or export
Build Management
build.create- New build was initiated
Checkout Keys
checkout-key.create- Deploy key created for repository checkoutcheckout-key.delete- Deploy key removed from projectcheckout-key.delete-all- All deploy keys removed from project
Component Management
component.cancel_release- Component release was cancelledcomponent.promote_release- Component promoted to a release version
Context Management
context.create- New context created for storing environment variablescontext.delete- Context removed from organizationcontext.env_var.delete- Environment variable removed from contextcontext.env_var.store- Environment variable added or updated in contextcontext.group_add- Security group granted access to contextcontext.group_remove- Security group access removed from contextcontext.restriction.create- Access restriction applied to contextcontext.restriction.delete- Access restriction removed from contextcontext.secrets.accessed- Context secrets were accessed during workflow execution
Deploy Keys
deploy-keys.delete- Deploy key removed from project
Group Management
group.delete- Security group deletedgroup.update- Security group settings modifiedgroup_member.add- User added to security groupgroup_member.remove- User removed from security group
Orb Management
orb.namespace.create- New orb namespace createdorb.orb.create- New orb createdorb.publish.dev- Orb published as development versionorb.publish.release- Orb published as stable releaseorb.version.promote- Orb version promoted from dev to release
Organization Management
org.contacts.updated- Organization contact information updatedorg.create- New organization createdorg.rename- Organization name changedorg.workflows.deleted- Organization workflows were deletedorg_member.remove- Member removed from organizationorganization.settings.update- Organization settings modified
Project Management
project.add- Project added to organizationproject.api_token.create- API token created for projectproject.create- New project createdproject.delete- Project deletedproject.env_var.copy- Environment variables copied between projectsproject.env_var.create- Environment variable added to projectproject.env_var.delete- Environment variable removed from projectproject.follow- User started following projectproject.rollback- Project rolled back to previous versionproject.settings.update- Project settings modifiedproject.setup- Project initial setup completedproject.ssh_key.create- SSH key added to projectproject.ssh_key.delete- SSH key removed from projectproject.stop_building- Project building disabledproject.toggle-abusive- Project marked or unmarked as abusiveproject.unfollow- User stopped following projectproject_group_role_grant.create- Role permissions granted to group for projectproject_group_role_grant.update- Role permissions modified for group on project
Release Integration
release_integration.create- Release integration configuredrelease_integration.delete- Release integration removedrelease_integration.token.create- Token created for release integrationrelease_integration.token.revoke- Token revoked for release integration
Role Management
role_grant.delete- Role permissions removed from userrole_grant.update- Role permissions modified for user
Scheduling
schedule.create- New workflow schedule createdschedule.delete- Workflow schedule removedschedule.update- Workflow schedule modified
Triggers
trigger.create- New trigger created for pipelinetrigger.delete- Trigger removed from pipelinetrigger_event.create- Trigger event was generated
Webhooks
webhook.create- New webhook endpoint configuredwebhook.delete- Webhook endpoint removedwebhook.update- Webhook configuration modified
Workflow Management
workflow.cancel- Workflow execution cancelledworkflow.job.context.request- Job requested access to contextworkflow.job.finish- Job completed executionworkflow.job.scheduled- Job was scheduled for executionworkflow.job.start- Job began executionworkflow.retry- Workflow execution retriedworkflow.schedule.start- Scheduled workflow startedworkflow.start- Workflow execution initiated
Additional Information
These audit log events help you monitor and track important activities within your CircleCI organization. You can use this information to:
Monitor security-related activities like permission changes and access grants
Track project and workflow lifecycle events
Review context and environment variable modifications
Audit organizational changes and member management
Additional Resources:
CircleCI Documentation : Audit logs