Web

Logs

Learn how Secryn logs support auditing, monitoring, and compliance.

Logs

Secryn provides comprehensive logging across user activity, API access, system actions, and MCP integrations. Logs are designed for traceability, auditing, security monitoring, and compliance.

All log types support filtering and CSV export for analysis or external archiving.

Log Types

Secryn includes four primary log categories:

  • Audit Logs
  • Request Logs
  • User Logs
  • MCP Logs

Audit Logs

Audit Logs track changes made within the workspace.

They record who performed an action, what action occurred, and which resource was affected.

What is logged

  • Resource creation (projects, vaults, secrets, keys, certificates)
  • Updates and modifications
  • Deletions
  • Permission and role changes
  • System-triggered events (e.g., expiration digest notifications)

Logged Fields

  • Timestamp
  • User
  • Action
  • Resource
  • Fields Changed (if applicable)

Filtering Options

  • Filter by user
  • Filter by resource name or ID
  • Filter by resource type
  • Start date / End date

Export

Audit logs can be exported as CSV.

Use Cases

  • Compliance reporting
  • Investigating configuration changes
  • Tracking resource lifecycle
  • Monitoring administrative actions

Request Logs (API Logs)

Request Logs record incoming API calls made to Secryn.

These logs help monitor integrations, automation usage, and API access patterns.

What is logged

  • HTTP method (GET, POST, PUT, DELETE)
  • Resource type
  • Status code
  • IP address
  • Timestamp

Filtering Options

  • Resource type
  • HTTP method
  • Status code
  • IP address
  • Start date / End date

Export

Request logs can be exported as CSV.

Use Cases

  • Debugging automation failures
  • Monitoring external integrations
  • Tracking API usage
  • Security monitoring

User Logs

User Logs track authentication and session activity.

They provide visibility into login attempts and account usage.

What is logged

  • Login events
  • Session activity
  • Timestamp
  • User
  • IP address
  • User agent (device and browser details)

Filtering Options

  • Search by user
  • Filter by IP address
  • Start date / End date

Export

User logs can be exported as CSV.

Use Cases

  • Detecting suspicious login attempts
  • Monitoring account access
  • Incident investigation
  • Security auditing

MCP Logs

MCP Logs record activity related to the Secryn MCP server.

This includes initialization attempts, resource access via MCP, and system-level integration events.

What is logged

  • MCP initialization events
  • MCP request/response metadata
  • Errors and validation failures
  • Timestamp
  • Status

Use Cases

  • Debugging MCP integrations
  • Monitoring external vault consumers
  • Diagnosing authentication failures
  • Observing automation workflows

Log Retention & Export

Logs are stored within your Secryn deployment.

All log types support CSV export.

Retention is managed by your deployment configuration and backups.

For long-term archival or compliance requirements, it is recommended to:

  • Export logs periodically
  • Include logs in scheduled backups

Security Considerations

Logs do not expose secret values.

Masked data remains masked.

Sensitive material is never logged in plaintext.

Access to logs is controlled by RBAC (Admin-only for most log types).

App Settings

Archived Data