Audit Log¶
Last reviewed: 2026-04-01 · Nnamdi
Status: Complete
Route: /audit
1. What is it?¶
Audit Log tracks all user actions and system events within the business. Every create, update, void, and delete action is logged with the action type, entity type, entity ID, description, timestamp, and the user who performed it. This provides a complete audit trail for compliance, troubleshooting, and accountability.
2. How does it work in Finora?¶
2.1 The Audit Log page (/audit)¶
Header: - Heading: "Audit Log" - Subtitle: "Track all user actions and system events" - Refresh button
Controls: - Search box — "Search by description, user, entity, action..." - Filters button — additional filtering options
Summary: "Showing X of X entries"
2.2 Log entry structure¶
Each entry shows:
| Field | Description |
|---|---|
| Action badge | Create / Update / Void |
| Entity type badge | Invoice / Expense / Bill / Receipt / Other |
| Entity ID | e.g., INV-2026-00001, EXP-2026-00001, Payroll - March 2026 |
| Description | Human-readable description of what happened |
| Timestamp | Date and time (e.g., "31 Mar 2026, 16:00") |
| User | Email of the user who performed the action |
2.3 Sample entries (test business, 17 entries)¶
Recent activity (selected highlights): - Approved payroll run for March 2026 (31 Mar 2026) - Created payroll run for March 2026 with 1 employees (31 Mar 2026) - Declared dividend DIV-2025-00001 for 500000 Naira (30 Mar 2026) - Voided dividend DIV-2026-00001 (30 Mar 2026) - Created invoice INV-2026-00002 for Mr. Chukwuma Emmanuel (28 Feb 2026) - Created expense EXP-2026-00002 for SchoolMart Supplies Ltd (28 Feb 2026) - Created bill BILL-2026-001 for Adekunle Legal Chambers (28 Feb 2026) - Created cash sale receipt RCT-2026-00001 for Mr. Okonkwo (28 Feb 2026) - Created invoice INV-2026-00001 for Mrs. Adebayo (28 Feb 2026)
Action types observed: Create, Update, Void Entity types observed: Invoice, Expense, Bill, Receipt, Other (payroll, dividends)
3. Business rules & constraints¶
| Rule | Detail |
|---|---|
| All actions are logged | Every create, update, void, and delete is recorded |
| Immutable log | Log entries cannot be edited or deleted |
| User attribution | Every action is tied to the email of the user who performed it |
| Searchable | Full-text search across descriptions, users, entities, and actions |
| Filterable | Filter by action type, entity type, date range |
4. Nigerian regulatory context¶
Record-keeping requirements¶
Nigerian tax law and accounting standards require businesses to maintain records of all financial transactions and modifications. The Audit Log provides: - Evidence for NRS audits — who created, modified, or voided which records - Accountability for team access — tracks which user performed each action - Compliance with NDPR — audit logs of data access are included in data export
5. Common customer questions¶
Q: "Can I delete an audit log entry?"
No — audit log entries are immutable. They cannot be edited or deleted. This is by design for compliance.
Q: "Who can see the audit log?"
The business owner and admins can view the audit log. The specific visibility depends on the user's role.
Q: "I see a 'Void' action I didn't perform. What happened?"
Check the user email on the entry — it shows who performed the action. If the user is unknown, escalate to Tier 3 immediately as this could indicate unauthorised access.
6. Known edge cases¶
"Other" entity type for payroll and dividends¶
Payroll runs and dividend declarations show entity type "Other" rather than a specific type. The description provides the detail needed to identify the specific transaction.
All entries from a single user in test business¶
The test business has only one user (deejaynamo@yahoo.com), so all 17 entries are attributed to the same email. In a multi-user business, the audit log distinguishes actions by user.
7. Escalation trigger¶
Escalate to Tier 3 (Founder) if: - Audit log shows actions from an unrecognised user - Actions appear in the log that no user claims to have performed (potential security incident)
Escalate to Tier 2 (Support Lead) if: - Customer needs an audit log export for external auditors - Customer needs help filtering the log for a specific time period or entity
8. Last reviewed¶
2026-04-01 — Nnamdi. Verified against production. Audit Log for COA Test School Academy: 17 entries. Actions: Create, Update, Void. Entity types: Invoice, Expense, Bill, Receipt, Other. Search box confirmed. Filters button confirmed. Refresh button confirmed. All entries attributed to deejaynamo@yahoo.com. Most recent: Approved payroll March 2026 (31 Mar 2026). Oldest: Created invoice INV-2026-00001 (28 Feb 2026).