Lesson 48 min

Audit Logs

Access and export full audit trails.

Why Audit Logs Matter for Accountants

The audit log is your primary source of truth for compliance, investigation, and dispute resolution. Unlike reports (which summarise data), the audit log records every individual action — who did what, to which record, at what time, and what the before and after state was.

As an accountant, you'll use the audit log primarily to:

  • Support external audits (HMRC, VAT inspections)
  • Investigate unusual transactions or discrepancies
  • Verify the integrity of financial records
  • Produce evidence for any internal or legal proceedings

Accessing the Audit Log

Navigate to Settings → Audit Log. You'll see the most recent 100 entries across all modules. By default, entries are shown newest first.

Accountants have read-only access to the audit log. You can view and export all entries but cannot modify or delete them. The log is cryptographically immutable — any attempt to alter entries would break the integrity hash.

Filtering the Log

Use the filter bar to narrow results:

By user: Click the User dropdown and select a specific team member. This shows every action that person took within the selected date range — useful for investigating a specific cashier's activity.

By action type: Select from the action type list:

  • sale_completed — every successful transaction
  • sale_voided — voided transactions with the approving manager
  • discount_applied — discounts, the amount, reason, and the approving role
  • invoice_approved / invoice_rejected — approval workflow events
  • product_edited — price changes, quantity adjustments, product additions or deletions
  • role_changed — any change to a user's role
  • login_success / login_failed — authentication events
  • export_generated — data exports performed by any user

By module: Filter to specific areas: POS, Inventory, Purchasing, AI, Settings, Reports.

By date range: Use the presets (Today, This Week, This Month, Last Quarter) or enter custom start and end dates.

By result: Show only Success or Failure entries. Filtering for failures can reveal integration problems or attempted unauthorised actions.

Understanding the Log Entry Format

Each entry contains:

| Field | Description | |-------|-------------| | Timestamp | Date and time in your configured time zone, to millisecond precision | | User | Name, email, and role at the time of the action | | Action | Human-readable description of what was done | | Target | The specific record affected (e.g. Invoice #INV-2024-0441) | | Before | The record's state before the action (for edit/delete actions) | | After | The record's state after the action | | IP Address | The network address of the device used | | Session ID | Groups all actions from the same login session | | Integrity hash | SHA-256 hash proving the entry hasn't been altered |

The Before / After comparison is particularly useful for price change investigations — you can see exactly what the price was before and after an edit, and who made the change.

Identifying Suspicious Activity

Patterns to watch for:

  • Repeated login failures — could indicate a compromised account or credential sharing
  • Large or frequent discounts — filter discount_applied and sort by amount
  • Voids after close of business — voids processed when the store is closed deserve scrutiny
  • Price edits immediately before a high-value sale — a price reduced then immediately sold
  • Bulk product edits by a cashier — cashiers shouldn't have product edit permissions; if you see this, alert the Owner immediately

If you identify activity that looks fraudulent — do not confront the individual directly. Document the log entries (use the export function), note the dates and times, and report to the business Owner through a private channel.

Exporting the Audit Log

  1. Set your filters for the period and modules you need
  2. Click Export
  3. Choose format: CSV (for spreadsheet analysis) or PDF (for formal submission)
  4. For formal compliance submissions, check Include Integrity Hashes — this proves to the recipient that the log is unaltered
  5. Click Generate Export
  6. You receive an email with a secure download link within a few minutes

Retention Period

FlexotiumPOS retains audit logs for 7 years by default, in line with HMRC record-keeping requirements. If your regulatory environment requires a longer retention period, the Owner can extend this in Settings.

After the retention period, entries are permanently deleted and cannot be recovered. If you're involved in a legal dispute or prolonged audit, ask the Owner to place a Legal Hold on the relevant period — this prevents deletion regardless of the retention setting.

Next Steps

The final accountant lesson covers financial exports — how to extract your transaction data in formats ready for Xero, QuickBooks, and Sage.

Previous
Sales Reports
Next
Export & Portability