> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Audit Analytics

> Browse, filter, and export audit trail data with optional real-time event streaming.

The Audit Analytics screen provides paginated audit log browsing and export at the route `/settings/audit-analytics`.

## Overview

The screen has three tabs: Audit Logs (paginated table of historic records), Realtime (live stream of new events), and Export (compliance report generation). The Audit Logs tab supports filtering by module, action, and date range with deferred input to reduce query load. Records are displayed in a table with columns for Timestamp, Module, Action, Table, and User; clicking a row opens a detail dialog that flags rows from PHI-sensitive tables. The Realtime tab is gated on `pf.audit.analytics.realtime_view`; the Export tab on `pf.audit.analytics.export`. The entire page is wrapped in a `PermissionGate` for `pf.audit.analytics.view`.

## Who it's for

Required permission: `pf.audit.analytics.view` (primary access); `pf.audit.analytics.realtime_view` (Realtime tab); `pf.audit.analytics.export` (Export tab)

## Before you start

* You must hold the `pf.audit.analytics.view` permission.
* Additional permissions unlock the Realtime and Export tabs.

## Steps

<Steps>
  <Step title="Open Audit Analytics">Navigate to Settings → Audit Analytics.</Step>
  <Step title="Filter logs">Enter module, action, or date range filters to narrow the audit log results.</Step>
  <Step title="Inspect a record">Click any row to open the detail dialog; rows from PHI-sensitive tables are flagged.</Step>
  <Step title="Browse pages">Use Previous / Next pagination controls for large result sets.</Step>
  <Step title="Monitor in real time">Switch to the Realtime tab (requires permission) to watch new audit events as they arrive.</Step>
  <Step title="Export compliance report">Switch to the Export tab (requires permission) and generate a compliance report.</Step>
</Steps>

## Key concepts

* `PHI_SENSITIVE_TABLES` — list of table names flagged for PHI sensitivity in the detail dialog
* `PF_AUDIT_ANALYTICS` / `PF_AUDIT_REALTIME` — feature flags controlling tab availability
* Compliance report export — available to users with `pf.audit.analytics.export`

## Related

<Columns cols={2}>
  <Card title="Platform Foundation" icon="layer-group" href="/pf/overview">
    Platform Foundation overview.
  </Card>

  <Card title="Governance & parity" icon="scale-balanced" href="/governance/index">
    Documentation coverage and governance.
  </Card>
</Columns>

<Note>
  This page documents shipped product behavior. It is not medical, legal, or
  billing advice. Verify against your organization's policies and applicable
  regulations before using it for clinical, compliance, or billing decisions.
  Protected health information (PHI) shown in the product is governed by your
  tenant's access controls and is never exposed in this documentation.
</Note>

<Accordion title="Documentation sources">
  * src/routes/platform.tsx
  * src/platform/audit/AuditAnalyticsDashboard.tsx
</Accordion>
