Overview
Audit logs provide a comprehensive record of user activities in Quality Hub GINEZ. As an administrator, you can track document downloads, user actions, and system events to maintain security, compliance, and operational transparency.Types of Audit Logs
Quality Hub GINEZ tracks several types of activities:1. Download Logs
Tracks when users download technical documents:- Technical data sheets (fichas técnicas)
- Safety data sheets (hojas de seguridad)
- Product documentation
- Catalog exports
2. User Activity Logs
Records user actions in the system:- Login/logout events
- Profile updates
- Permission changes
- Account creation/deletion
3. Data Modification Logs
Tracks changes to critical data:- Bitácora entries (created, edited, deleted)
- Quality control records
- Product catalog updates
- Configuration changes
Accessing Audit Logs
Only users with the Administrador role can access audit logs.
Download Logs
Viewing Download Activity
The Download Logs section shows a detailed table of all document downloads:| Column | Description |
|---|---|
| Fecha y Hora | Date and time of download |
| Usuario | Full name of user who downloaded |
| Rol | User’s role at time of download |
| Área | Department/area of user |
| Archivo | Name of downloaded file |
| Tipo | Document type (Ficha Técnica, Hoja de Seguridad) |
| SKU | Product code (if applicable) |
Filtering Download Logs
Use the filter controls to narrow down results:Filter by Area
Select a department from the Área dropdown:
- Producción
- Calidad
- Comercial
- Almacén
- Gerencia
- Compras
Filter by Document Type
Select from Tipo de Acción dropdown:
- Ficha Técnica (Technical Data Sheet)
- Hoja de Seguridad (Safety Data Sheet)
Understanding Download Patterns
Audit logs help you: ✅ Ensure Compliance: Verify users are accessing appropriate documentation ✅ Track Usage: Identify most frequently accessed documents ✅ Security Monitoring: Detect unusual download patterns ✅ Training Needs: See which documents users reference most ✅ Audit Trail: Maintain records for ISO/quality certificationsCommon Use Cases
Use Case 1: ISO Audit Preparation
Scenario: You need to prove that operators access safety data sheets before handling products.Use Case 2: Security Investigation
Scenario: You notice unusual activity and need to investigate who accessed specific documents.Use Case 3: Training Compliance
Scenario: Verify new employees have reviewed required technical documentation.Review Download History
Check if they’ve accessed required documents:
- Product technical sheets
- Safety data sheets
- Quality procedures
User Activity Tracking
Beyond downloads, the system tracks:Profile Changes
- Name updates
- Email changes
- Password resets
- Role modifications
- Branch reassignments
Permission Changes
- Role assignments
- Permission grants/revocations
- Admin status changes
Account Management
- New user registrations
- Account approvals
- User deletions
All user modifications include timestamps and the administrator who made the change.
Data Retention
Log Retention Policy
Audit logs are retained according to these guidelines:| Log Type | Retention Period | Purpose |
|---|---|---|
| Download Logs | 2 years | Compliance and audit trail |
| User Activity | 1 year | Security and troubleshooting |
| Data Changes | Indefinite | Historical record integrity |
| Login Events | 90 days | Security monitoring |
Archiving Old Logs
If you need to archive old logs:- Contact your database administrator
- Export logs to secure storage
- Ensure compliance with data retention policies
- Maintain chain of custody for archived records
Security Best Practices
Regular Monitoring
✅ Review Weekly: Check audit logs at least once per week ✅ Investigate Anomalies: Follow up on unusual patterns immediately ✅ Document Reviews: Keep records of your audit log reviews ✅ Cross-Reference: Compare logs with incident reportsRed Flags to Watch For
🚩 After-Hours Access: Downloads during non-business hours 🚩 Bulk Downloads: Single user downloading many documents at once 🚩 Unauthorized Areas: Users accessing documents outside their department 🚩 Terminated Users: Activity from accounts that should be disabled 🚩 Permission Escalation: Users suddenly accessing higher-level documentsResponding to Security Events
If you detect suspicious activity:Document the Activity
Take screenshots and note all relevant details:
- User name and role
- Documents accessed
- Time and date
- Pattern of behavior
Verify User Identity
Contact the user to confirm they performed the actions
- May be legitimate work activity
- Could indicate compromised account
Take Immediate Action
If suspicious:
- Temporarily disable user account
- Reset user password
- Review their recent activity
- Check for data exfiltration
Compliance and Reporting
ISO 9001 Quality Management
Audit logs support ISO 9001 requirements:- Document control (who accessed what)
- Training records (document access)
- Traceability (complete audit trail)
Regulatory Compliance
For industries requiring regulatory compliance:- Maintain logs for required retention period
- Provide access to auditors upon request
- Demonstrate control over sensitive information
Internal Audits
Prepare for internal audits by:- Organizing logs by department/area
- Creating summary reports of activity
- Documenting unusual events and resolutions
- Showing evidence of regular monitoring
Troubleshooting
Logs Not Appearing
Possible causes:- Not logged in as administrator
- Database connectivity issues
- Logs haven’t been generated yet (no activity)
- Verify you have admin role
- Check network connection
- Reload the page
- Check Supabase dashboard for data
Missing Download Events
Possible causes:- Download logging not implemented for that document type
- User downloaded via direct link (bypassing logging)
- Database write failure
- Verify logging function is implemented for that document type
- Review code in
lib/audit.ts - Check Supabase logs for errors
Cannot Filter Logs
Possible causes:- Browser cache issues
- JavaScript errors
- Filter logic bugs
- Clear browser cache (Ctrl+Shift+Del)
- Open browser console (F12) to check for errors
- Try different browser
- Reload page
Exporting Audit Data
Manual Export
Currently, you can export audit data by:- Screenshot: Capture filtered results
- Copy Table: Select and copy table data
- Browser Print: Print to PDF
Automated Reports
Automated audit report exports are planned for a future release. Check the roadmap for updates.
- Export to Excel/CSV
- Scheduled email reports
- Custom report templates
- Dashboard visualizations