History
History Logs show site wide activity for files, user accounts, groups, login events, permissions, and API keys.
Files.com maintains an audit log that records activity across the site. Each entry records the user who performed the action, the action itself, the time of the event, the location of the action, and the resulting file change. This log allows administrators to review file access and operational activity.
Authenticated users with the appropriate permissions can view History Logs. The History page displays activity from the previous 24 hours by default.
History Logs record operational events related to files, including creation, reading, updates, deletion, movement, and copying. The logs also record events related to user accounts and groups, including creation, updates, deletion, and provisioning activity performed through SCIM.
History Logs record changes to folder permissions. Each entry records when a permission is granted, modified, or removed on a folder, identifies the user who performed the change, and records the timestamp of the event.
History Logs also record the lifecycle of API keys. Each entry records when an API key is created, updated, or deleted and identifies the user responsible for the action.
When a file action occurs outside a signed-in user session, the History Logs do not display a user. This occurs when files are downloaded through a share link or uploaded to an inbox. In these cases, the user field appears blank because the action did not occur under an authenticated site user.
If a user account no longer exists on the site, the History Logs display the username in italics to indicate that the account was deleted.
History Logs display site-wide activity related to files, user accounts, groups, login events, folder permissions, and API keys.
Files.com retains these logs for the lifetime of an active site.
Details Recorded in History Logs
Each history log entry includes detailed information, which is described in the table below.
| Column Name | Details |
|---|---|
| Date | The date and time the action occurred, displayed in the time zone of the current user. |
| User | The user who performed the action. The field appears blank when the action occurs outside a signed-in site user session, including when an external user uploads files to an inbox or downloads files from a share link. The username appears in italics if the user account was deleted. |
| Action | The action recorded in the History Log entry (for example, login, file read, file created, file updated, user created). |
| Description | The description of the action that was taken, and the file or folder or the user the action was taken on. |
| File Path | Full path of the file in case the action taken was on a file. |
| Folder Path | Full path of the folder in case the action taken was on a file or folder. |
| Action Source | Full path of the folder in case the action taken was a Move or Copy. |
| Action Destination | Full path of the folder in case the action taken was a Move or Copy. |
| Failure Type | Details of the failure in case there was a failure with the action and the reason is known. |
| IP | The IP address that the user connected from when performing this action. |
| Interface | The interface used by the user to perform the action (e.g., web, API, FTP, SFTP, AS2, email, desktop, mobile, office, remote, SCIM, WebDAV, JS API, Robot). |
Actions
History Logs record actions related to files, folders, users, groups, folder permissions, API keys, and login activity. Each entry represents a confirmed action that reflects verified access or a change on the site. History Logs capture meaningful audit events rather than every individual request.
History Logs record successful login events because they represent verified access to the site. Login failures do not represent a completed action and do not appear in History Logs or User Activity views. API logs record login failures along with every individual request made to the platform.
File and Folder Actions
History Logs record actions that reflect how users access and change files and folders on the site. These actions capture common file operations including downloads, uploads, updates, deletions, copies, and moves. The table below describes the file and folder actions recorded in History Logs.
| Files and Folders Actions Type | Details |
|---|---|
| Read | Downloads and file previews. |
| Created | Uploads, creation of new folders, or files. |
| Updated | Changes made to the content of files, including the overwriting of existing files. |
| Deleted | Deletes, including automatic expiry of files. |
| Copied | File copy operations. |
| Moved | File move operations, including file or folder renames. |
User, Group, Permission, and API Key Actions
History Logs record actions related to user accounts, groups, folder permissions, API keys, and login activity.
| Action Type | Details |
|---|---|
| Login | Successful login to the site. |
| User created | Creation of a user account. |
| User updated | Changes made to an existing user account. |
| User deleted | Deletion of a user account. |
| Group created | Creation of a group. |
| Group updated | Changes made to an existing group. |
| Group deleted | Deletion of a group. |
| Permission created | A folder permission granted to a user or group. |
| Permission deleted | A folder permission removed from a user or group. |
| API key created | Creation of an API key. |
| API key updated | Changes made to an existing API key. |
| API key deleted | Deletion of an API key. |
Copy, Move, and Rename Actions
When files or folders are copied, Files.com treats each copied file as a newly created item on the site. Because each file represents a new object, the system logs a separate copy event for every file and subfolder involved. This results in detailed, file level history entries for copy operations.
When files or folders are renamed, Files.com records the action as a move. A rename changes the item’s path, even when the item remains in the same folder, so the system logs the rename as a move event.
When a folder that contains files is moved into another folder, Files.com treats the action as a change to the folder’s location rather than the creation of new items. The system logs a single move event for the parent folder and updates the paths of the files and subfolders it contains without logging separate move events for each item. When files are moved individually, Files.com logs each move as a separate action because each file location change occurs as its own operation.
Because a folder move does not create file level history entries, features that rely on file activity do not run during this operation. This includes email notifications, file triggered automations, and webhooks. For example, moving a folder that contains uploaded reports does not trigger upload alerts, since the system does not record individual file events during the folder move.
How History Logs Consolidate Repeated Actions
History Logs summarize activity to provide a clear and useful audit trail. They consolidate certain repeated actions to prevent high frequency workflows from overwhelming the log and to highlight meaningful activity.
Read and Update Actions
History Logs consolidate repeated Read and Updated actions that occur within a 15 minute window when the same user performs the same action on the same file from the same IP address using the same interface. When a user downloads or updates the same file multiple times within this window, History Logs record a single entry for that activity instead of separate entries for each occurrence.
Files.com uses this consolidation to keep History Logs clear and usable for real world workflows. Many file transfer processes upload files in small pieces, which produces a series of updates while a file grows. Other processes repeatedly download the same file to check for changes, which produces many read actions in a short period. Without consolidation, these patterns would flood the History view with repetitive entries that do not provide additional insight.
History Logs provide a summarized view of Read and Update activity, while API logs record every individual Read and Update request made to Files.com.
Login Actions
History Logs record successful login events. For protocols including FTP, SFTP, and WebDAV, clients often reconnect multiple times during a single user action. These reconnects generate multiple successful login events from the same IP address and protocol. History Logs consolidate these repeated successful logins into a single entry within a short time window to keep the log readable.
Login failures do not appear in History Logs or User Activity views. API logs record login failures along with every individual request made to Files.com.
Filters
You can apply filters to narrow down your log view. For example, you can filter the logs to display only certain actions performed by a specific user on a particular date. Additionally, you can limit the results to a specific IP address. The available filter options include Start Date and End Date, Action, User, Folder Path, File Path, IP, and Interface.
When using Folder Path or File Path in filters, you can use wildcards to search for specific file or folder names instead of relying on exact paths when the path names are unknown. For example, you can search for *Invoice*.txt to filter any .txt file names containing the key word 'Invoice'.
Folder History
To view the history for a particular folder, you can either filter the History logs by Folder Path or navigate directly to that folder from All Files and click the File history button. Here, you will see a record of each action that has been taken within this folder since its creation.
File History
To view the history for a single file, you can either filter the History logs by File Path or, from the file browser, click on the ellipsis (...) button in the Actions column and select History. Here, you will see a record of each action that has been performed on this file since it was uploaded.
User History
To view the complete activity log for an individual user, you can either filter the History logs by User or navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Here, you will see a record of each action taken by this user from the time their account was created.
Exporting History
You can export the audit logs by clicking Export button on the History page or you can export the same logs directly from your File browser by clicking Export history.
Exporting User Activity History
You can download the activity log history for a specific user or for all the users on your site.
To download the activity log for a specific user, navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Click the Export button.
Exporting User Login History
To download the user login activity log for all the users on your site, go to the users page by typing "Manage Users" in the search box at the top of every page, and then clicking on the first result. Click the Export login history button to start the download. Select a starting and ending date range and the file format for the exported history.
All types of exported history files have fields for When, Who, What, IP, and Interface information. These fields can be searched and filtered in your spreadsheet application.
Interface as Robot in Logs
If you see a history entry with Interface listed as Robot, that means that the file action was performed by an Automation or File Expiration behavior (folder setting) configured on your Site.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes