Activity Log
Admin → Activity Log
The activity log is an append-only record of every significant action performed in the Commerce admin panel, whether by a staff member or by an automated system process. It cannot be edited or deleted.
What Gets Logged
| Category | Example events |
|---|---|
| Clients | Created, updated profile, deleted, marked tax-exempt |
| Invoices | Created, marked paid, voided, PDF downloaded |
| Payments | Payment recorded, refund issued, payment failed |
| Orders | Order placed, approved, rejected, cancelled |
| Services | Provisioned, suspended, unsuspended, terminated |
| Domains | Registered, renewed, transferred, nameservers updated |
| Tickets | Opened, replied to, assigned, closed |
| Staff | Logged in (success and failure), 2FA enabled/disabled, account created |
| Settings | Any setting saved (records which setting group changed) |
| Impersonation | Staff impersonated a client (records both staff and client IDs) |
Log Entry Columns
| Column | Description |
|---|---|
| Timestamp | UTC datetime of the event |
| Actor | Staff name, or "System" for scheduled/automated actions |
| Action | Human-readable description of what happened |
| Entity Type | Model type affected (e.g. Client, Invoice, Service) |
| Entity ID | Database ID of the affected record |
| IP Address | IP address of the actor (blank for System events) |
Viewing the Log
- Go to Admin → Activity Log.
- The default view shows the 100 most recent entries, newest first.
Filtering
Use the filter bar to narrow results:
- By staff: select a staff member from the dropdown (includes a "System" option)
- By action type: filter to a specific category (Clients, Invoices, etc.)
- By date range: pick start and end dates
Filters can be combined. Results update without a page reload (Alpine.js-powered filter state).
Example: Answering "Who Changed the Client's Email?"
- Go to Admin → Activity Log.
- Filter by Action Type: Clients.
- Filter by Date Range to the suspected window.
- Look for a row with Action: "Updated client profile" and Entity ID matching the client's ID.
- The Actor column tells you which staff member made the change, and the IP address confirms where from.
[!TIP] If the actor is "System", the change was made by a scheduled job or an API webhook — not a human. Cross-reference the timestamp with your queue worker logs at
/var/log/opterius-worker.log.
Retention
Activity log entries are retained indefinitely. There is no automatic pruning. For large installs (thousands of entries per day), consider archiving entries older than 12 months to a separate table using a scheduled command:
php artisan commerce:archive-activity-log --older-than=365
[!IMPORTANT] Actions taken during a client impersonation session are attributed to the client, not the staff member. Only the initial "Staff impersonated client" event names the staff actor. Review impersonated sessions carefully when using the log for compliance audits.
Exporting the Log
Click Export CSV at the top of the Activity Log page to download a CSV of the currently filtered view. The export honours all active filters, so narrow your selection first if you want a targeted export.