Read the audit log
This page shows you how to read the activity log: the append-only record of who did what to which regulated entity, and when.
Administrators: Quality Admin, HR Admin, Corporate Admin.
The audit surface is at Audit. It has two tabs:
- Compliance shows the status of every assignment (who is assigned what training and whether it is completed, in progress, pending, overdue or failed).
- Activity log shows the raw, append-only event record described below.
What the activity log records
Open the Activity log tab. Each row is one recorded event with these columns:
| Column | What it shows |
|---|---|
| Timestamp | When the event happened. |
| User | The person who performed the action (name and email), or system for automated jobs. |
| Action | The event type, for example approve_content or sign_evidence. |
| Entity | The kind of record affected, for example training_versions. |
| ID | The first characters of the affected record's identifier. |
| IP | The IP address the action came from, when available. |
| Details | A compact summary of the event, for example the change rationale or the source count. |
What the common actions mean
| Action | What happened |
|---|---|
create_version | An author submitted a new training version for review. |
approve_content | A reviewer approved a pending version, with a rationale. |
activate_version | An approved version became the live content. |
resolve_review_task | A reviewer resolved a queue task (or rejected a version). |
create_evidence / complete_training | A learner completed a training. |
sign_evidence | A learner applied an e-signature to their completion. |
issue_certificate | A completion certificate was issued. |
submit_document_for_review | A controlled document was submitted for review. |
approve_document | A controlled document was approved with an e-signature. |
make_document_effective | A controlled document version became effective. |
obsolete_document | A controlled document was marked obsolete. |
acknowledge_document | A user marked a document as read and understood. |
The two properties an auditor relies on
Records are written, never edited and never deleted. There is no screen, role, or setting that lets anyone alter a past event. The log is the system of record for every regulated change, which is what 21 CFR Part 11 §11.10(e) expects.
For compliance-critical actions (approving content, activating a version, signing evidence, issuing a certificate, and the controlled-document lifecycle), the audit write is fail-loud: if the audit row cannot be saved, Better Comply rolls back the change that triggered it. A regulated change never persists without its audit trail. Operational events (such as login or a quiz attempt) are recorded best-effort and do not block the action.
Filter the activity log
Use the controls above the table to narrow what you read:
- Search: free text that matches the action, entity, identifier, user name or email, and the event details.
- Action: limit to a single action type.
- Entity: limit to a single entity type.
The result count and pagination update as you filter. The most recent events are shown first.
Where each event comes from
You usually do not create audit rows by hand; they are a by-product of doing the work:
- Approving or rejecting in the review queue writes
approve_content,activate_version, orresolve_review_task. - Learners completing and signing trainings write
create_evidence,complete_training, andsign_evidence. - The controlled-documents lifecycle writes the document actions.