Log System tracks admin actions, model calls, authentication, and system events. It helps administrators investigate issues, audit high-risk actions, check usage cost, and locate abnormal behavior.
Entry Point#
Open Logs in the admin console. The log center has four tabs: Audit, Usage logs, Authentication logs, and System events.
Each log type supports search, filtering, sorting, and detail view. Start with a time range, then narrow by user, resource, model, or event type.
Audit Logs#
Audit logs record admin and important user operations, such as create, update, delete, enable, disable, role change, status change, and configuration save.
Filter by actor, action, resource, result, and time range. Details show actor, resource, request marker, time, and event details, making it easier to answer who changed what and when.
Usage Logs#
Usage logs record model calls and billing information. They can be searched or filtered by user, platform model, upstream model, upstream name, binding code, protocol, billing mode, and time range.
Common sorting includes call time, cost, tokens, and latency. Sort by cost for abnormal spend, tokens for long-context problems, and latency for performance issues.
Usage details show platform model, upstream source, real model, tokens, cache, billing items, total cost, latency, and call count. Use them to verify pricing, investigate balance consumption, and confirm route selection.
Authentication Logs#
Authentication logs record sign-in, registration, refresh, verification, failures, lockouts, and related identity events. They are useful for login failures, locked accounts, identity provider problems, and suspicious sign-ins.
When a user cannot sign in, check authentication logs first, then compare account status, auth settings, email verification, and identity bindings.
System Events#
System events record important platform events, warnings, and errors. They can be searched and filtered by source, event, resource, level, and time range.
Use system events for file processing, vectorization, async tasks, external service connectivity, model failures, and runtime exceptions. Higher severity deserves earlier attention.
Log Details#
Click a log row to inspect details. Details are grouped by event, actor, request, user, resource, call, model route, and usage billing depending on log type.
Detailed JSON content is useful for administrators but should not be shared broadly. Treat user, model, resource, and internal context information according to your data policy.
Practical Tips#
Use the order “time range -> user or model -> event type -> details” when investigating. Use usage logs for cost, authentication logs for account security, audit logs for configuration changes, and system events for task failures.