# Vault Audit Logs

Audit Logs show a centralized stream of all user activity within an Organization. Part of the security of any organization is to control and monitor access to information. Thus, organization admins need to be able to see the detailed audit trail of all activity that happens.

As of now, VGS Audit Logs can be used to view the latest changes to routes and revert a version to undo certain changes.&#x20;

<figure><img src="/files/oiFpgFjiOwEVShBR0eRo" alt=""><figcaption></figcaption></figure>

## Events Types for Audit Logs

VGS Audit Logs capture the following route-specific user activities:

* Route created
* Route updated
* Route reverted

## Main Fields for Audit Logs Events

* Date - time when the event happened
* User email - email address of the person who made the change
* Event - the way in which the object was changed
* Event Action Type - created/updated (the way in which the object was changed)

## Diff Snippet

The diff snippet shows the snapshot values of two route versions: the previous version, original, and the new one, rewritten. Both versions are shown in a YAML format.

## Additional Information in Detail View

* Event
* Event ID
* Date and Time ISO8601
* Resource ID
* User email
* User ID
* User Agent
* Diff Snippet (full YAML configuration)

## Revert Version

Each time a user saves a new sandbox/live configuration of a route, VGS automatically creates a new route version and a snapshot. Reverting allows the user to undo a change by reverting to some previous version.&#x20;

> Using the revert version feature doesn't delete any changes; it creates a new version that reverts the effects of a specified change.

When doing a revert, you will see a revert event log and “Event ID” that tells you from which event the new version was created.&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.verygoodsecurity.com/vault/developer-tools/vault-management/audit-logs.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.