N Nexus Docs
Settings

Audit Log

Complete, tamper-evident record of all user and system actions within your NexusCommerce tenant.

Overview

The Audit Log is a comprehensive, chronological record of every significant action taken in your NexusCommerce tenant — by users and by the system. It is the primary tool for security reviews, compliance investigations, and operational troubleshooting.

Every entry in the audit log includes who performed the action, what was changed, when it happened, and what the before/after state was.

Key Concepts

Audit Event — A recorded action. Events are immutable once written. They cannot be edited or deleted by any user, including Owners.

Actor — The entity that performed the action. Actors can be:

  • A specific user (identified by email and user ID)
  • An API key (identified by key name and prefix)
  • The system (automated jobs, adapter syncs, AI workers)

Resource — The object that was affected by the action (e.g., a specific product, order, pricing rule, or connection).

Event Type — The category of action performed. See the full event type list below.

Getting Started

Navigate to Settings > Audit Log.

The audit log is available to Owner and Admin roles. Managers and Viewers cannot access the audit log.

Features

Audit Log List

The log displays entries in reverse chronological order (newest first):

ColumnDescription
TimestampUTC timestamp of the event
ActorUser name / API key name / System
ActionEvent type (e.g., product.updated)
ResourceAffected resource type and identifier
IP AddressThe IP address of the request (for user/API key actions)
DetailsSummary of the change

Event Types

Product Events:

  • product.created — New product added to catalog
  • product.updated — Product attributes changed
  • product.deleted — Product archived or deleted
  • product.price_changed — Price updated (includes before/after values)
  • product.status_changed — Product status changed

Order Events:

  • order.status_changed — Order status transition
  • order.shipped — Shipment confirmation submitted
  • order.cancelled — Order cancellation requested

Inventory Events:

  • inventory.adjusted — Manual stock adjustment (includes reason, before/after quantity)
  • inventory.synced — Inventory pushed to marketplace

Connection Events:

  • connection.created — New marketplace connection added
  • connection.updated — Connection credentials or settings changed
  • connection.deleted — Connection removed
  • connection.sync_started — Adapter sync cycle started
  • connection.sync_completed — Adapter sync cycle completed
  • connection.sync_failed — Adapter sync cycle failed with error

Pricing Events:

  • pricing_rule.created — New pricing rule added
  • pricing_rule.updated — Rule modified
  • pricing_rule.deleted — Rule deleted
  • price.auto_changed — Price changed by auto-repricing engine (includes rule ID)

AI Job Events:

  • ai_job.dispatched — AI worker job queued
  • ai_job.completed — Job finished successfully
  • ai_job.failed — Job failed after all retries

User / Access Events:

  • user.invited — Team member invited
  • user.joined — Invitee accepted and joined
  • user.role_changed — User role updated
  • user.suspended — User suspended
  • user.removed — User removed from tenant
  • api_key.created — API key generated
  • api_key.revoked — API key revoked
  • user.login — Successful login
  • user.login_failed — Failed login attempt

Settings Events:

  • settings.updated — Any settings change (includes which settings and before/after values)
  • notification.configured — Notification settings changed

Event Detail View

Click any log entry to see the full event detail:

{
  "id": "evt_01HXK9MZPQ3B8C7D2E5F6G",
  "timestamp": "2026-03-12T14:32:01.123Z",
  "actor": {
    "type": "user",
    "id": "5059c011-17cf-4bcb-81ec-896ff3adb24f",
    "email": "[email protected]",
    "name": "Jane Smith"
  },
  "action": "product.price_changed",
  "resource": {
    "type": "product",
    "id": "prod_01HX...",
    "sku": "SKU-001",
    "title": "Blue Widget 500ml"
  },
  "metadata": {
    "marketplace": "amazon_us",
    "before": {"price": 14.99},
    "after": {"price": 13.49},
    "trigger": "pricing_rule",
    "rule_id": "rule_01HX..."
  },
  "ip_address": "203.0.113.42",
  "user_agent": "NexusCommerce/2.0 Web"
}

Filtering

Filter the audit log by:

  • Date range (custom or preset: today, yesterday, last 7d, last 30d, last 90d)
  • Actor (specific user, API key, or system)
  • Event type (single or multiple)
  • Resource type (product, order, connection, etc.)
  • Resource ID (search for events affecting a specific SKU, order ID, etc.)
  • IP address

Export

Export the audit log to CSV for compliance reporting or external SIEM integration:

GET /api/audit-log/export?start=2026-01-01&end=2026-03-01&format=csv
Authorization: Bearer <token>
X-Tenant-ID: <tenant-id>

Exports are available in CSV and JSON format. Large exports are processed asynchronously and delivered to the account email.

Retention

Audit log entries are retained for 12 months on the Growth plan and 36 months on the Enterprise plan. On Starter, retention is 90 days.

The retention period cannot be reduced. Entries cannot be deleted by any user, including Owners, to maintain log integrity.

Configuration

SettingDescriptionDefault
Retention periodMonths to retain audit log entriesPer plan (see above)
Export formatDefault export formatCSV
SIEM integration (Enterprise)Stream audit events to an external SIEMDisabled
Alert on suspicious activityAlert admins on multiple failed login attemptsEnabled (5 failures)

Notifications

Configure alert channels and thresholds for NexusCommerce system notifications.

Deployment Overview

Deploy NexusCommerce to production using Docker Compose on a VPS or Kubernetes with Helm.

On this page

OverviewKey ConceptsGetting StartedFeaturesAudit Log ListEvent TypesEvent Detail ViewFilteringExportRetentionConfiguration