History
History Logs provide a complete audit trail of file and folder activity across your Files.com site. Each entry answers the questions administrators and auditors ask most often: who uploaded a file, who downloaded a sensitive document, who deleted a missing file, who renamed or moved content, and when a file was last accessed.
Administrators rely on History Logs to investigate suspicious activity, troubleshoot user-reported issues like missing or unexpectedly modified files, verify how share links and Inboxes are being used, reconstruct the sequence of events around a file or folder, and meet compliance requirements that depend on file-level evidence.
Each entry records the user who performed the action, the action itself, the timestamp, the location, and the resulting file change. Recorded events include uploads, downloads, reads, updates, deletions, moves, copies, and renames.
Files.com retains these logs for the lifetime of an active site.
Details Recorded in History Logs
Each history log entry includes detailed information, which is described in the table below.
| Column Name | Details |
|---|---|
| Date | The date and time the action occurred, displayed in the time zone of the current user. |
| User | The user who performed the action. The field appears blank when the action occurs outside a signed-in site user session, including when an external user uploads files to an inbox or downloads files from a share link. The username appears in italics if the user account was deleted. |
| Action | The action recorded in the History Log entry (for example, login, file read, file created, file updated, user created). |
| Description | The description of the action that was taken, and the file or folder or the user the action was taken on. |
| File Path | Full path of the file in case the action taken was on a file. |
| Folder Path | Full path of the folder in case the action taken was on a file or folder. |
| Action Source | Full path of the folder in case the action taken was a Move or Copy. |
| Action Destination | Full path of the folder in case the action taken was a Move or Copy. |
| Failure Type | Details of the failure in case there was a failure with the action and the reason is known. |
| IP | The IP address that the user connected from when performing this action. |
| Interface | The interface used by the user to perform the action (e.g., web, API, FTP, SFTP, AS2, email, desktop, mobile, office, remote, SCIM, WebDAV, JS API, Robot). |
Actions
History Logs record actions related to files, folders, users, groups, folder permissions, API keys, and login activity. Each entry represents a confirmed action that reflects verified access or a change on the site. History Logs capture meaningful audit events rather than every individual request.
History Logs record successful login events because they represent verified access to the site. Login failures do not represent a completed action and do not appear in History Logs or User Activity views. API logs record login failures along with every individual request made to the platform.
File and Folder Actions
History Logs record actions that reflect how users access and change files and folders on the site. These actions capture common file operations including downloads, uploads, updates, deletions, copies, and moves. The table below describes the file and folder actions recorded in History Logs.
| Files and Folders Actions Type | Details |
|---|---|
| Read | Downloads and file previews. |
| Created | Uploads, creation of new folders, or files. |
| Updated | Changes made to the content of files, including the overwriting of existing files. |
| Deleted | Deletes, including automatic expiry of files. |
| Copied | File copy operations. |
| Moved | File move operations, including file or folder renames. |
User, Group, Permission, and API Key Actions
History Logs record administrative actions related to user accounts, groups, folder permissions, and API keys. These entries capture creation, updates, and deletion events for users, Groups, and API keys, along with folder permission grants and removals.
As part of an ongoing effort to consolidate all non-file and non-folder events into a single source, the Settings Changes Logs now also records this activity. These entries in History Logs are planned for deprecation, and Settings Changes will serve as the canonical audit trail for administrative changes going forward. For administrative activity, refer to Settings Changes Logs.
| Action Type | Details |
|---|---|
| Login | Successful login to the site. |
| User created | Creation of a user account. |
| User updated | Changes made to an existing user account. |
| User deleted | Deletion of a user account. |
| Group created | Creation of a group. |
| Group updated | Changes made to an existing group. |
| Group deleted | Deletion of a group. |
| Permission created | A folder permission granted to a user or group. |
| Permission deleted | A folder permission removed from a user or group. |
| API key created | Creation of an API key. |
| API key updated | Changes made to an existing API key. |
| API key deleted | Deletion of an API key. |
Copy, Move, and Rename Actions
When files or folders are copied, Files.com treats each copied file as a newly created item on the site. Because each file represents a new object, the system logs a separate copy event for every file and subfolder involved. This results in detailed, file level history entries for copy operations.
When files or folders are renamed, Files.com records the action as a move. A rename changes the item’s path, even when the item remains in the same folder, so the system logs the rename as a move event.
When a folder that contains files is moved into another folder, Files.com treats the action as a change to the folder’s location rather than the creation of new items. The system logs a single move event for the parent folder and updates the paths of the files and subfolders it contains without logging separate move events for each item. When files are moved individually, Files.com logs each move as a separate action because each file location change occurs as its own operation.
Because a folder move does not create file level history entries, features that rely on file activity do not run during this operation. This includes email notifications, file triggered automations, and webhooks. For example, moving a folder that contains uploaded reports does not trigger upload alerts, since the system does not record individual file events during the folder move.
How History Logs Consolidate Repeated Actions
History Logs summarize activity to provide a clear and useful audit trail. They consolidate certain repeated actions to prevent high frequency workflows from overwhelming the log and to highlight meaningful activity.
Read and Update Actions
History Logs consolidate repeated Read and Updated actions that occur within a 15 minute window when the same user performs the same action on the same file from the same IP address using the same interface. When a user downloads or updates the same file multiple times within this window, History Logs record a single entry for that activity instead of separate entries for each occurrence.
Files.com uses this consolidation to keep History Logs clear and usable for real world workflows. Many file transfer processes upload files in small pieces, which produces a series of updates while a file grows. Other processes repeatedly download the same file to check for changes, which produces many read actions in a short period. Without consolidation, these patterns would flood the History view with repetitive entries that do not provide additional insight.
History Logs provide a summarized view of Read and Update activity, while API logs record every individual Read and Update request made to Files.com.
Login Activity
History Logs record successful logins to the site, capturing the user who signed in and the timestamp of the login. For protocols including FTP, SFTP, and WebDAV, clients often reconnect multiple times during a single user action, which generates multiple successful login events from the same IP address and protocol. History Logs consolidate these repeated successful logins into a single entry within a short time window to keep the log readable.
Login failures do not appear in History Logs or User Activity views. API logs record login failures along with every individual request made to Files.com.
Unauthenticated Activity
When a file action occurs outside a signed-in user session, the History Logs do not display a user. This happens when files are downloaded through a share link or uploaded to an Inbox. In these cases, the user field appears blank because the action did not occur under an authenticated site user.
Deleted User Accounts
History Logs preserve the original username on every entry, even after the user account is deleted from the site. If a user performs file or folder activity and that account is later removed, the log continues to show the original username on those historical entries but displays it in italics. The italics indicate that the user account no longer exists, allowing administrators to see who performed each action while recognizing that the account has since been deleted.
Filters
You can apply filters to narrow down your log view. For example, you can filter the logs to display only certain actions performed by a specific user on a particular date. Additionally, you can limit the results to a specific IP address. The available filter options include Start Date and End Date, Action, User, Folder Path, File Path, IP, and Interface.
When using Folder Path or File Path in filters, you can use wildcards to search for specific file or folder names instead of relying on exact paths when the path names are unknown. For example, you can search for *Invoice*.txt to filter any .txt file names containing the key word 'Invoice'.
Folder History
To view the history for a particular folder, you can either filter the History logs by Folder Path or navigate directly to that folder from All Files and click the File history button. Here, you will see a record of each action that has been taken within this folder since its creation.
File History
To view the history for a single file, you can either filter the History logs by File Path or, from the file browser, click on the ellipsis (...) button in the Actions column and select History. Here, you will see a record of each action that has been performed on this file since it was uploaded.
User History
To view the complete activity log for an individual user, you can either filter the History logs by User or navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Here, you will see a record of each action taken by this user from the time their account was created.
Exporting History
You can export the audit logs by clicking Export button on the History page or you can export the same logs directly from your File browser by clicking Export history.
Exporting User Activity History
You can download the activity log history for a specific user or for all the users on your site.
To download the activity log for a specific user, navigate to User Accounts, select the user, edit their settings, and then choose the History tab. Click the Export button.
Exporting User Login History
To download the user login activity log for all the users on your site, go to the users page by typing "Manage Users" in the search box at the top of every page, and then clicking on the first result. Click the Export login history button to start the download. Select a starting and ending date range and the file format for the exported history.
All types of exported history files have fields for When, Who, What, IP, and Interface information. These fields can be searched and filtered in your spreadsheet application.
Interface as Robot in Logs
If you see a history entry with Interface listed as Robot, that means that the file action was performed by an Automation or File Expiration behavior (folder setting) configured on your Site.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes