GuidesAPI referenceLatest updatesSlack Community
Latest updates
Back to All
Added

🔒 Audit Logs for Enterprise Workspaces

May 7th, 2026

🎯 What is it?

Enterprise workspace administrators now have access to comprehensive audit logs directly in the admin panel. These logs track all agent executions, tool calls, and administrative actions across your workspace. Additionally, you can stream these logs in real-time to your existing Security Information and Event Management (SIEM) platforms like Datadog, Splunk, or any custom HTTPS endpoint.

💡 Why is it useful?

Security and compliance teams need complete visibility into workspace activities for several critical purposes: responding to security incidents, meeting regulatory compliance requirements, conducting internal audits, and distinguishing between actions taken by users versus those performed by agents. Until now, this level of detailed activity tracking wasn't available in Dust.

How does it work?

Audit logs are accessible through your admin panel with real-time updates. You can view the complete history of activities, filter by type (agent executions, tool calls, admin actions), and configure streaming to your preferred SIEM platform or custom endpoint for centralized security monitoring.

Concrete Use Cases

Here's how you could use it:

Security Incident Investigation: When investigating a potential security event, quickly review which agents were executed, what tools they used, and which users or agents performed specific actions during the relevant timeframe.

Compliance Reporting: Generate audit reports for compliance certifications (SOC 2, ISO 27001, GDPR) by exporting complete activity logs showing data access patterns, administrative changes, and agent behaviors.

Separation of Concerns: Clearly distinguish between actions initiated by human users and those performed autonomously by agents, helping you understand and control automated workflows in your environment.

📈 Benefits for you

  • Enhanced Security Posture: Complete visibility into all workspace activities enables faster threat detection and incident response

  • Simplified Compliance: Meet regulatory requirements with comprehensive, exportable audit trails

  • Operational Intelligence: Understand how agents and users interact with your Dust workspace to optimize workflows

  • Centralized Monitoring: Integrate with your existing security infrastructure for unified monitoring across all enterprise tools

🚀 How to access it?

This feature is available exclusively for Enterprise plan workspaces. Workspace administrators can access audit logs by navigating to the admin panel. For detailed setup instructions, including SIEM streaming configuration, visit our documentation at https://docs.dust.tt/docs/audit-logs