Auditing your Redox platform

Last updated: Jul 22, 2025
PRODUCT OWNER
HCO
HEALTH TECH VENDOR

For any organization handling sensitive data, maintaining a clear and comprehensive audit trail is not just a best practice—it’s often a requirement for security compliance (like HIPAA and SOC 2). Our audit events provide a complete record of all significant actions taken within your Redox organization.

Why use auditing

  • Answer "who did what, and when?": Securely log all user activity, from viewing a log containing PHI to changing a user’s permissions.
  • Monitor for security risks: Proactively track events like failed login attempts or unauthorized access to confidential data.
  • Troubleshoot issues: See a step-by-step history of configuration changes to understand how and when a problem occurred.
  • Automate compliance: Use the Redox Platform API to programmatically pull audit events into your own security and compliance monitoring tools. Review the Get audit events spec.

Who can use auditing

Auditing is an advanced feature. Once you’ve upgraded your plan to include this advanced feature, auditing is available to Redox organization owners.

What events can you audit

Our auditing feature tracks two major categories of events:

  1. User activity: An action a user takes that could affect your organization’s configuration or assets.
  2. User access: An action a user takes related to user accounts and permissions.

User activity events

For example, you can track who:

  • creates, updates, or deletes any connectivity settings (e.g., OAuth API keys, sources, or destinations);
  • views or modifies any data operations (e.g., translation sets, filters, config modifiers); and
  • views or searches logs, as well as runs log inspector.

User access events

For example, you can track when a user:

  • logs in or switches between Redox organizations;
  • invites a new user to join the organization; and
  • changes another user’s role assignment.

Audit event statuses

When you review audit events, they’ll have an associated status, which could be any of the following:

Audit event status
Description
attempted
A user tried to perform a given action in a Redox organization, but we’re not sure how it turned out yet. This is an interim state, and it could change to any of the other statuses to show the terminal state.
unauthorized
A user was logged in to a Redox organization but didn’t have the correct role assignment to complete the action.
unauthenticated
A user wasn’t logged in to a Redox organization when trying to complete the action.
failed
A user tried to complete an action but wasn’t successful for some reason.
successful
A user tried to complete an action and was successful.