Security
Audit log
Every read and write to important data is recorded with actor, time, IP and a diff of changes.
DineOS keeps a comprehensive audit trail to make sense of after-the-fact questions like "who changed this booking?" and to satisfy GDPR's accountability requirements.
What is logged
Read and write operations on:
- Reservations (create, modify, cancel, status change).
- Guest profiles (create, modify, delete, GDPR export).
- Vouchers (issue, redeem, refund).
- Staff (role changes, invites, deactivations).
- Billing (plan changes, payment method updates).
- Integrations (connect, disconnect, key rotation).
- Sign-in events, including failed attempts.
Entry shape
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| actor | user | system | api_key | Required | — | Who performed the action. |
| action | string | Required | — | Verb and resource, e.g. reservation.update. |
| resource_id | string | Required | — | ID of the affected entity. |
| occurred_at | ISO 8601 | Required | — | When the action happened, UTC. |
| ip | string | — | — | Source IP, where applicable. |
| diff | object | — | — | For write actions, the before/after of changed fields. |
Retention
Logs are retained for 12 months on Professional and 24 months on Enterprise. Older entries are deleted automatically. For longer retention, export to your own log store (see below).
Export
From Settings → Security → Audit log, filter by date, actor or action and export as CSV or JSON. Enterprise customers can stream the log to an S3-compatible bucket or to an HTTP endpoint of their choice.
Tamper-evident
Entries are append-only. They cannot be edited or deleted from the dashboard or the API.