Activity Logs
What it is
Activity Logs is BotBat's system-wide audit trail that captures every significant event across the platform. This includes API calls with full request and response details, user actions (logins, configuration changes, campaign launches), system events (scheduled jobs, automated workflow executions), and webhook deliveries with their response codes and retry history. The module provides a complete, tamper-evident record of what happened, who did it, and when.
The log feed supports powerful filtering, full-text search, and real-time streaming for live monitoring. Whether you are investigating an incident, debugging an API integration, or preparing a compliance export, Activity Logs gives you the raw data you need in a searchable, structured format. Every log entry links back to the relevant module and resource, making it easy to jump from a log event to the actual campaign, contact, or configuration that was affected.
Log retention periods vary by plan. Starter plans retain logs for 30 days, Growth plans for 90 days, and Enterprise plans for one year. For organizations with long-term retention requirements, the export feature lets you download filtered log data as CSV or JSON on a schedule you control.
When to use
| Scenario | Why Activity Logs helps |
|---|---|
| Investigating an incident | Trace exactly what occurred, who triggered it, and when. For example, find out which user launched a campaign to the wrong segment and what configuration was active at the time. |
| Debugging API integrations | Filter for API call logs to inspect full request and response payloads, HTTP status codes, headers, and response times. |
| Monitoring webhook deliveries | Verify that webhook events were delivered successfully, inspect response codes from your endpoint, and identify retries or persistent failures. |
| Compliance and auditing | Export logs for a specific date range to satisfy internal audit requirements, regulatory compliance (GDPR data access logs, SOC 2 evidence), or security reviews. |
| Real-time operational monitoring | Stream logs live during campaign launches or high-traffic periods to watch system activity as it happens and catch anomalies immediately. |
Log event types
| Event type | What it captures | Example |
|---|---|---|
| API Call | HTTP method, URL, request/response headers and body, status code, latency | POST /api/v1/campaigns/launch returned 200 in 342ms |
| User Action | Actor, action performed, module, resource ID, before/after state | User "admin@acme.com" updated campaign "Summer Sale" status from Draft to Scheduled |
| System Event | Job name, trigger type, execution result, duration | Scheduled job "contact-sync" completed successfully in 12s |
| Webhook Delivery | Event type, endpoint URL, payload, response status, retry count | Event "message.delivered" sent to https://acme.com/webhooks, received 200 on first attempt |
Steps
1. Open Activity Logs
Navigate to Account > Logs in the sidebar. The default view shows the most recent events in reverse chronological order. Each row displays a timestamp, event type icon, actor (user email or "System"), the affected module, and a one-line summary of the event.
2. Filter logs
Use the filter bar at the top to narrow results. Available filters include date range, actor (specific user or system), event type (API call, user action, system event, webhook delivery), module (campaigns, contacts, inbox, channels, settings), and outcome (success or failure). Combining multiple filters lets you zero in on exactly the events you need.
3. View log details
Click any log entry to expand its detail panel. The detail view varies by event type. For API calls, you see the full HTTP method, URL, request headers, request body, response status code, and response body. For user actions, you see the before and after state of the changed resource. For webhook deliveries, you see the event payload, endpoint URL, response status, and retry history.
4. Stream logs in real time
Click the Live toggle at the top of the log feed to activate real-time streaming. New events appear as they happen, with the feed auto-scrolling to the latest entry. This is particularly useful during campaign launches, load tests, or incident response when you need to observe system behavior as it unfolds. Click the toggle again to pause streaming and review specific entries.
5. Export logs
Click Export above the log feed. Select the date range, apply any filters you want to carry over, and choose your format: CSV for spreadsheet analysis or JSON for programmatic processing. The export includes every field visible in the detail view, making the output suitable for compliance submissions, security audits, or import into external SIEM tools.
6. Review log retention policy
Open Settings > Log Retention to see how long logs are stored for your current plan. Plan your export schedule based on these retention windows to ensure you capture all logs you need before they are automatically purged.
| Plan | Retention period |
|---|---|
| Starter | 30 days |
| Growth | 90 days |
| Enterprise | 1 year |
Common pitfalls
| Pitfall | How to avoid it |
|---|---|
| Not filtering before searching | Log volume in an active workspace can be enormous. Always apply date range and event type filters first to narrow results before scanning for a specific event. |
| Ignoring webhook delivery failures | Failed webhook deliveries mean your external systems are not receiving critical event data. Check webhook logs regularly and set up alerts for repeated delivery failures. |
| Assuming logs are retained forever | Each plan has a defined retention period. If you need logs for long-term compliance, set up a recurring export schedule before logs are purged. |
| Overlooking system events during investigations | When tracing an issue, teams often filter only for user actions. System events (automated workflows, scheduled jobs) are frequently the actual root cause. Always include them in your investigation filters. |
| Sharing raw exports without redaction | API call logs may contain sensitive data such as API keys in headers or PII in request bodies. Redact sensitive fields before sharing exports with external parties or auditors. |
Bookmark filtered log views for your most common investigation patterns. For example, save a filter for "API calls with status 500 in the last 24 hours" or "webhook deliveries with failure status." This saves significant time when you need to troubleshoot quickly during an incident.
- Activity Logs Overview
- Log Filters
- Log Details
- Live Stream
- Export Logs
- Log Retention