Skip to content


RStudio Connect records information about changes to the system. These events can be obtained for auditing purposes. Audited information is available in the RStudio Connect dashboard, by using the auditing endpoints in the Connect Server API, using the usermanager administrative command, or through an optional log file.

The auditing system cannot be disabled and always records changes to the RStudio Connect database.

Audited Events#

This table contains the event types logged by the auditing system:

Event Description
add_user Create a user
edit_user Change an existing user
remove_user *Delete a user
update_lock_user Set or remove a lock for an existing user
add_application Add new content
upload_bundle Upload a bundle for a content
deploy_application Deploy content to the server. Content may need to be published after deployment.
edit_application Change content settings
remove_application Delete content
activate_token Activate a token. Tokens are used by the rsconnect package to authenticate a user.
add_group Create a group
edit_group *Change an existing group
remove_group Delete a group
add_group_member Add a user to a group
remove_group_member Remove a user from a group
assign_user_app_role Give a user view or edit access to content
remove_user_app_role Remove a user from view or edit access list
assign_group_app_role Give a group view or edit access to content
remove_group_app_role Remove a group from view or edit access list
clear_app_viewer_acl Change from a specific list of viewers to "just me"
add_api_key Add API key
edit_api_key *Change an existing API key
remove_api_key Remove API key
add_vanity Add vanity URL
update_vanity Update vanity URL
remove_vantiy Remove vanity URL
remove_bundle Remove a bundle
download_bundle Download a bundle
add_tag Create a tag/category
remove_tag Delete a tag/category
update_tag Update a tag/category
assign_tag_to_parent Associate a tag with some parent tag/category
add_app_tag Associate a tag with content
remove_app_tag Disassociate a tag with content
updated_environment_variables Change to application environment variables
user_login A user has started a dashboard session
web_sudo A user needed to re-authenticate for a privileged action after a WebSudo timeout


The events marked with an asterisk can only be performed using via the usermanager administration command.

Audit Log File#


This section describes a deprecated logging implementation which will be removed entirely with RStudio Connect's November 2022 edition. See the logging documentation for additional details.

Audited events can be optionally written to a file.

The Server.AuditLogFormat configuration setting controls whether or not auditing records are written to disk. By default, Server.AuditLogFormat has the value none, which indicates that auditing information is not written to disk.

Setting Server.AuditLogFormat to CSV or JSON will write to the file named by the Server.AuditLog option.

By default, Server.AuditLog writes to /var/log/rstudio-connect.audit.log. The Server.AuditLog file is created only when the Server.AuditLogFormat permits on-disk logging.


Audit log files contain actions performed through a specific RStudio Connect server. In a clustered installation, the auditing files from each server need to be combined.

The Connect dashboard, Server API, and usermanager tool present all auditing information, not per-server records.

This configuration example enables CSV audit logging and is using the default audit log location.

; /etc/rstudio-connect/rstudio-connect.gcfg
AuditLogFormat = "CSV"

This configuration example enables JSON audit logging and writes to a different file name.

; /etc/rstudio-connect/rstudio-connect.gcfg
AuditLogFormat = "JSON"
AuditLog = "/var/log/rstudio-connect.audit.json"


RStudio Connect will refuse to start if the Server.AuditLog file already exists and has content that appears to contradict the format requested by Server.AuditLogFormat. In other words, if the file looks like it is in CSV format but the configuration requests JSON or looks like JSON and the configuration requests CSV, the server will not start.

CSV format#

The CSV audit log format has fields written in the following order:

  • The database ID of the audit log record.

  • The timestamp of the record, in RFC 3339.

  • The database ID of the user that performed the action.

  • The description of the user.

  • The action the user performed.

  • The description of the event.

JSON format#

When formatting entries in JSON, each text line written to the audit log file will be a single, complete JSON object with the same data as for CSV with field names, id, time, user_id, user_description, action and event_description, respectively.

The specification of the JSON object is the one used for Audit Logs in the Connect Server API.

Command-Line Interface#

The usermanager administration command-line tool can produce CSV and JSON containing auditing records, and can also filter by time interval. See the Command-Line interface appendix for more information about the usermanager tool.