Make human-readable Audit Event messages from the UI available in the API
Release notes
The audit events UI is somewhat painful, considering that only one month is viewable at a time. However, the action field in the UI (a human-readable description of the event) is extremely useful and isn't present, at least not directly, in the API.
It seems like the action message is constructed from the audit event's data, which varies by event. If this could be made available to API audit log returns, it'd be very helpful for reporting, compliance, and on-the-fly troubleshooting.
Problem to solve
As a group/project owner or maintainer, I have no central place to view audit events without paging through a tedious UI.
As a developer, the audit log return packet contains a lot of disparate fields but not necessarily a human-readable message like the UI has, and I'd like to be able to surface human-readable messages.
Intended users
- people who find something they don't expect in a project/group and are wondering "how did this happen?" or "who made this change?"
- people looking to prevent that from happening
- auditors who want to make sure nothing untoward was changed
Personas are described at https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/
- Cameron (Compliance Manager)
- Delaney (Development Team Lead)
- Sasha (Software Developer)
- Devon (DevOps Engineer)
- Sidney (Systems Administrator)
- Sam (Security Analyst)
- Alex (Security Operations Engineer)
- Simone (Software Engineer in Test)
- Priyanka (Platform Engineer)
- Dana (Data Analyst)
Metrics
There is no way to track what people do with API fields. The time necessary to construct or return audit messages is probably worth tracking.
User experience goal
Users see a human-readable message for all messages when they hit the audit_events API for projects and groups.
Proposal
Move the logic that constructs the human-readable messages in the UI into the API.
Further details
Permissions and Security
None
Documentation
Availability & Testing
Available Tier
What does success look like, and how can we measure that?
All audit log message returns from the API have a human-readable action description.
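Until the API returns such a description, a reporting script has to build one from each event's data. The following is an added example, not part of the original issue and not GitLab's own code: the `details` keys it reads (`add`, `as`, `remove`, `change`, `from`, `to`, `custom_message`, `author_name`, `target_details`) are assumptions about the payload, and the sample events are constructed.

```python
import json

# Constructed sample of an audit-event list; the `details` keys are assumptions.
SAMPLE = json.loads("""[
 {"id": 1, "author_id": 7, "created_at": "2019-08-27T16:36:29Z",
  "details": {"change": "visibility", "from": "Private", "to": "Public",
              "author_name": "Example Admin", "target_details": "group/project"}},
 {"id": 2, "author_id": 7, "created_at": "2019-08-28T09:00:00Z",
  "details": {"add": "user_access", "as": "Developer",
              "author_name": "Example Admin", "target_details": "New\\nUser"}},
 {"id": 3, "author_id": 9, "created_at": "2019-08-29T10:00:00Z",
  "details": {"custom_message": "Project archived"}},
 {"id": 4, "author_id": 9, "created_at": "2019-08-30T10:00:00Z",
  "details": {"ip_address": "192.0.2.10"}}
]""")

def _clean(text):
    # Names and messages are user-influenced: replace control characters so
    # one event cannot forge extra lines in a line-oriented report.
    return "".join(c if c.isprintable() else " " for c in str(text))

def _label(value):
    return str(value).replace("_", " ")

def describe(event):
    """Build a one-line, human-readable description of one audit event."""
    d = event.get("details") or {}
    if d.get("custom_message"):
        action = d["custom_message"]
    elif "add" in d:
        action = f"Added {_label(d['add'])}"
        if d.get("as"):
            action += f" as {d['as']}"
    elif "remove" in d:
        action = f"Removed {_label(d['remove'])}"
    elif "change" in d:
        action = f"Changed {_label(d['change'])}"
        action += f" from {d['from']}" if "from" in d else ""
        action += f" to {d['to']}" if "to" in d else ""
    else:
        # Unknown shape: surface the raw keys instead of hiding the event.
        action = f"Unrecognized event ({', '.join(sorted(d)) or 'no details'})"
    author = d.get("author_name") or f"user {event.get('author_id', '?')}"
    line = f"{event.get('created_at', '?')} {author}: {action}"
    if d.get("target_details"):
        line += f" [{d['target_details']}]"
    return _clean(line)

if __name__ == "__main__":
    print("\n".join(describe(e) for e in SAMPLE))
```

Events whose `details` match none of the known shapes are reported as unrecognized rather than dropped, so a new event type still shows up in a compliance report.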