Secryn provides comprehensive logging for auditing, troubleshooting, and compliance. All logs are immutable, timestamped in UTC, and visible only to admins.

Audit Logs

Capture security-sensitive actions such as user sign-ins, resource creation, role changes, public URL updates, backups/restores, and setup wizard events. Each entry records the actor, action, target, timestamp, and source IP.

Request Logs

Track API activity, including endpoint, method, status code, timestamp, auth context (user or access key), and execution duration. Sensitive payload data is never logged.

User Logs

Show user-level events like authentication attempts, failed access, role changes, and actions performed within projects and vaults.

MCP Logs

Document MCP server lifecycle events, client handshakes, tool/resource requests, authorization outcomes, and errors. MCP logs never include secret values or private keys.

Retention & Security

• logs are append-only and standardized to UTC
• retention follows system configuration; archives remain read-only
• sensitive values are masked or omitted
• all log access is controlled via RBAC

Use these logs to satisfy audit requirements and troubleshoot automation.