Read the Audit Log

Last updated:
May 25, 2026

Every change an agent makes to your site is recorded. The audit log is where you go to answer “what happened, and who did it?” — independent of what any agent tells you. This guide covers reading it.

Maxi keeps an audit log: an append-only record of actions taken on your site. Every time an agent changes something — creates or edits a post, updates a product, rotates a key, changes a setting — an entry is written noting what was done, which user did it, and when. You read it by asking your agent.

Its value is that it’s independent. The agent can show you the log but cannot alter or erase it, so it’s the authoritative answer to “what actually happened,” separate from the agent’s own account of its work. If an action is in the log, it happened; if it isn’t, it didn’t.

Reading the audit log requires an administrator-level connection — it’s not available to lower-privileged agents.

Reading it

Ask in plain language. A few examples:

“Show me the last 20 things that changed on the site.”
“What content has my agent created or edited this week?”
“Have there been any changes to my API keys or settings recently?”

The agent retrieves the matching entries and summarizes them. Each entry carries a timestamp, the action, the user who performed it, and what was affected — so you can see, for instance, that a documentation page was created by your admin user this morning, or that an OpenAI key was rotated last week.

What you can filter by

The log groups entries into categories. The ones operators reach for most:

  • Content — posts, pages, and products created, updated, deleted, or published.
  • Keys — provider API keys added, rotated, or failing validation.
  • License — activations and changes.
  • Media — uploads and deletions.
  • WooCommerce — store changes (when WooCommerce is in use).

You can also narrow by time (“today,” “the past week”), so a good habit is a periodic scan: “Summarize everything that changed on the site this week.”

The log also records lower-level technical events (connection and rule-handshake activity, for example). These are mostly housekeeping and tend to dominate the raw feed — if you just want to see real changes, ask specifically for content, key, or settings changes rather than “everything.”

When you’d reach for it

  • Confirming work. After asking an agent to do a batch of changes, the log is how you verify exactly what it touched.
  • Investigating something unexpected. If a page changed and you’re not sure why, the log shows when and by which user.
  • Periodic review. A weekly “what changed?” scan keeps you oriented, especially if more than one person or agent works on the site.

It can’t be tampered with

The audit log is built to be tamper-evident: entries are chained together so that altering or deleting a past entry would break the chain and be detectable. This is what lets you trust it as the record of last resort — its history can’t be quietly rewritten, by an agent or anyone else.

In summary: the audit log is the authoritative, append-only record of what changed on your site and who did it. Ask your agent to read it — by recency, by category (content, keys, license, media, WooCommerce), or by time window. Use it to confirm an agent’s work, investigate the unexpected, or run a periodic review. Reading it requires an administrator, and its entries are tamper-evident, so it’s a record you can rely on.

On this page