Audit Logs
Audit Logs is the immutable trail of who changed what across the suite -- record creations, edits, deletions, approvals and sensitive actions with timestamps and user identity. It is the institution's primary control for accountability and forensic review. Auditors and compliance officers depend on it to investigate incidents and satisfy regulators.

Workflow
- Open MFI > Operations > Reports > Audit Logs
- Filter by user, model, action or date range
- Open an entry to see the before/after values captured
- Trace a sequence of actions on a record or by a user
- Export the relevant entries for an audit or investigation
Fields reference
Every field on this screen, drawn from the live data model.
| Field | Type | Required | Description |
|---|---|---|---|
Previous Event Hashprev_event_hash | Text | — | SHA-256 of the previous audit row in this chain. Genesis row has all-zeros. |
Event Hashevent_hash | Text | — | SHA-256 of (prev_event_hash + canonical_json(chain_fields)). Tampering with any chain field invalidates this hash. |
Chain OKchain_verified | Yes/No | — | True when this row's stored event_hash matches the recomputed hash. Computed on demand; verify_chain() persists results. |
Chain Break Reasonchain_break_reason | Text | — | Filled by verify_chain() when this row's hash does not match the recomputed hash. |
Descriptiondescription | Text | Yes | Description |
Action Typeaction_type | Choice: Create, Update, Delete, Approve, Reject, Cancel, Post, Reverse | Yes | Action Type |
Useruser_id | Link → res.users | Yes | User |
Action Dateaction_date | Date & time | Yes | Action Date |
Modelmodel_name | Text | — | Model |
Record IDrecord_id | Number | — | Record ID |
Record Namerecord_name | Text | — | Record Name |
Branchbranch_id | Link → mfi.branch | — | Branch |
Old Valuesold_values | Long text | — | Old Values |
New Valuesnew_values | Long text | — | New Values |
IP Addressip_address | Text | — | IP Address |
Companycompany_id | Link → res.company | — | Company |
HTTP Methodhttp_method | Text | — | HTTP Method |
Before (JSON)before_json | Long text | — | Before (JSON) |
After (JSON)after_json | Long text | — | After (JSON) |
Sensitive Fields Touchedsensitive_field_names | Text | — | Sensitive Fields Touched |
Severityseverity | Choice: Info, Low, Medium, High, Critical | — | Severity |
SIEM Dispatchedsiem_dispatched | Yes/No | — | SIEM Dispatched |
SIEM Attemptssiem_attempts | Number | — | SIEM Attempts |
SIEM Last Errorsiem_last_error | Text | — | SIEM Last Error |
Notes & rules
- Model mfi.audit.log -- system-wide change trail
- Key fields: user, model, action, timestamp, values
- Related: All Requests, SOC 2 Evidence, Compliance workspace
- Used by auditors and compliance officers
Was this page helpful?

