The Audit Log is OwnPay’s built-in compliance and security trail. Every significant action taken by a staff member or the system — from a successful login to a gateway configuration change — is recorded here as an immutable, timestamped entry. Administrators can use the audit log to investigate suspicious activity, attribute configuration changes to specific users, and satisfy internal or external compliance requirements. Entries cannot be modified or deleted through the admin interface, preserving the integrity of the historical record.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/own-pay/OwnPay-Documentation/llms.txt
Use this file to discover all available pages before exploring further.
Navigating to the Audit Log
In the OwnPay admin dashboard, expand the REPORTS & FINANCE section in the left sidebar and click Audit Log. The activity log table loads, showing the most recent entries first.What Gets Recorded
OwnPay records audit entries for all critical administrative events. Each entry captures the action tag, the user who performed it, the target entity, the timestamp, and the originating IP address. Examples of recorded action tags includelogin.success, login.failed, gateway.created, gateway.updated, brand.updated, and settings.saved.
Audit Log Columns
Each entry in the audit log table provides the following fields:| Column | Description |
|---|---|
| Time | The exact date and time the event occurred (month, day, and time displayed in the brand’s configured timezone). |
| User | The name of the staff member or system actor who triggered the event (e.g. Admin User, System). |
| Action | The event identifier tag (e.g. gateway.created, login.failed, brand.updated). |
| Entity | The target object affected by the action (e.g. manual_gateway #2, user #1, merchant #3). |
| IP | The network address from which the request originated. |
Using the Audit Log for Compliance Reviews
The audit log is the primary tool for two important compliance use cases:Investigating Unauthorised Access Attempts
- Filter the Action column to show
login.failedentries. - Examine the IP column for repeated failures from the same address.
- If a single IP shows multiple failed attempts in a short window, consider blocking or rate-limiting that address at your server firewall to prevent brute-force attacks.
Attributing Configuration Changes
When a gateway stops working, a brand’s colours change unexpectedly, or a setting reverts without explanation:- Filter the Action column for the relevant event tag (e.g.
gateway.updated,brand.updated, orsettings.saved). - Identify the Time entry closest to when the issue was first observed.
- Check the User column to determine which staff member made the change.
- Coordinate with that team member to understand and reverse any unintended modifications.
Audit Log Data Retention
Audit entries are written to theop_audit_logs database table and are immutable from the admin portal — no staff member can edit or delete individual entries through the interface. In production environments, a scheduled cron task should archive entries older than 90 days to a secondary storage location to manage database growth while preserving compliance records.
Audit log entries are scoped by brand. Staff members can only see log entries that belong to their assigned brand (
merchant_id). Super-administrators can see entries across all brands. This scoping prevents cross-brand data exposure in multi-tenant environments.