History
Files.com maintains an audit log that shows who performed an action, what action occurred, when it occurred, where it occurred, and how files changed. This log helps you review file access and changes across your site. Users who are logged in and have the appropriate permissions can view History Logs. By default, the History page displays activity from the last 7 days.
History Logs record key events related to files, including creation, reading, updating, deletion, movement, and copying. They also record activity related to user accounts and groups, including creation, updates, deletion, and provisioning activity through SCIM.
History Logs also record permission changes on folders, including when permissions are added or removed. The log tracks the lifecycle of API keys from creation through updates and deletion.
Some file actions do not include a specific user identity. This occurs when an external contact uploads files to an inbox or downloads files through a share link.
History Logs show site wide activity for files, user accounts, groups, login events, permissions, and API keys.
Files.com retains History Logs for 7 years.
What is Logged
Each history log entry includes detailed information, which is described in the table below.
| Column Name | Details |
|---|---|
| Date | The date and time the action occurred, displayed in the time zone of the current user. |
| User | The user who performed the action. |
| Action | The specific action that was taken (e.g., Login, Login failure, File created, File updated etc.,). |
| Description | The description of the action that was taken, and the file or folder or the user the action was taken on. |
| File Path | Full path of the file in case the action taken was on a file. |
| Folder Path | Full path of the folder in case the action taken was on a file or folder. |
| Action Source | Full path of the folder in case the action taken was a Move or Copy. |
| Action Destination | Full path of the folder in case the action taken was a Move or Copy. |
| Failure Type | Details of the failure in case there was a failure with the action and the reason is known. |
| IP | The IP address that the user connected from when performing this action. |
| Interface | The interface used by the user to perform the action (e.g., web, API, FTP, SFTP, AS2, email, desktop, mobile, office, remote, SCIM, WebDAV, JS API, Robot). |
Actions
Files.com History Logs record key actions related to users, groups, files, API keys, and permissions. These logs focus on meaningful audit activity that reflects confirmed access and changes on your site, rather than recording every individual request.
For login activity, History Logs record successful login events because they represent verified access to the site. Login failures do not indicate a completed action and are recorded in API logs instead. As a result, login failures do not appear in History Logs or User Activity views.
For files and folders, History Logs record the following additional actions.
| Files and Folders Actions Type | Details |
|---|---|
| Read | Downloads and file previews. |
| Created | Uploads, creation of new folders, or files. |
| Updated | Changes made to the content of files, including the overwriting of existing files. |
| Deleted | Deletes, including automatic expiry of files. |
| Copied | File copy operations. |
| Moved | File move operations, including file or folder renames. |
Copy, Move, and Rename Actions
When files or folders are copied, Files.com treats each copied file as a newly created item on the site. Because each file represents a new object, the system logs a separate copy event for every file and subfolder involved. This results in detailed, file level history entries for copy operations.
When files or folders are renamed, Files.com records the action as a move. A rename changes the item’s path, even when the item remains in the same folder, so the system logs the rename as a move event.
When a folder that contains files is moved into another folder, Files.com treats the action as a change to the folder’s location rather than the creation of new items. The system logs a single move event for the parent folder and updates the paths of the files and subfolders it contains without logging separate move events for each item. When files are moved individually, Files.com logs each move as a separate action because each file location change occurs as its own operation.
Because a folder move does not create file level history entries, features that rely on file activity do not run during this operation. This includes email notifications, file triggered automations, and webhooks. For example, moving a folder that contains uploaded reports does not trigger upload alerts, since the system does not record individual file events during the folder move.
How History Logs Consolidate Repeated Actions
History Logs summarize activity to provide a clear and useful audit trail. They consolidate certain repeated actions to prevent high frequency workflows from overwhelming the log and to highlight meaningful activity.
Read and Update Actions
History Logs consolidate repeated Read and Updated actions that occur within a 15 minute window when the same user performs the same action on the same file from the same IP address using the same interface. When a user downloads or updates the same file multiple times within this window, History Logs record a single entry for that activity instead of separate entries for each occurrence.
Files.com uses this consolidation to keep History Logs clear and usable for real world workflows. Many file transfer processes upload files in small pieces, which produces a series of updates while a file grows. Other processes repeatedly download the same file to check for changes, which produces many read actions in a short period. Without consolidation, these patterns would flood the History view with repetitive entries that do not provide additional insight.
History Logs provide a summarized view of Read and Update activity, while API logs record every individual Read and Update request made to Files.com.
Login Actions
History Logs record successful login events. For protocols including FTP, SFTP, and WebDAV, clients often reconnect multiple times during a single user action. These reconnects generate multiple successful login events from the same IP address and protocol. History Logs consolidate these repeated successful logins into a single entry within a short time window to keep the log readable.
Login failures do not appear in History Logs or User Activity views. API logs record login failures along with every individual request made to Files.com.
Filters
You can apply filters to narrow down your log view. For example, you can filter the logs to display only certain actions performed by a specific user on a particular date. Additionally, you can limit the results to a specific IP address. The available filter options include Start Date and End Date, Action, User, Folder Path, File Path, IP, and Interface.
When using Folder Path or File Path in filters, you can use wildcards to search for specific file or folder names instead of relying on exact paths when the path names are unknown. For example, you can search for *Invoice*.txt to filter any .txt file names containing the key word 'Invoice'.
Folder History
To view the history for a particular folder, you can either filter the History logs by Folder Path or navigate directly to that folder from All Files and click the File history button. Here, you will see a record of each action that has been taken within this folder since its creation.
File History
To view the history for a single file, you can either filter the History logs by File Path or, from the file browser, click on the ellipsis (...) button in the Actions column and select History. Here, you will see a record of each action that has been performed on this file since it was uploaded.
User History
To view the complete activity log for an individual user, you can either filter the History logs by User or navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Here, you will see a record of each action taken by this user from the time their account was created.
Exporting History
You can export the audit logs by clicking Export button on the History page or you can export the same logs directly from your File browser by clicking Export history.
Exporting User Activity History
You can download the activity log history for a specific user or for all the users on your site.
To download the activity log for a specific user, navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Click the Export button.
Exporting User Login History
To download the user login activity log for all the users on your site, go to the users page by typing "Manage Users" in the search box at the top of every page, and then clicking on the first result. Click the Export login history button to start the download. Select a starting and ending date range and the file format for the exported history.
All types of exported history files have fields for When, Who, What, IP, and Interface information. These fields can be searched and filtered in your spreadsheet application.
Interface as Robot in Logs
If you see a history entry with Interface listed as Robot, that means that the file action was performed by an Automation or File Expiration behavior (folder setting) configured on your Site.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes