This article explains the retention controls currently available in Leapwork Performance and what is captured in the administrative audit log.
It is intended for customer admins and security-minded workspace owners who need to understand what data is kept, what is removed over time, and which administrative actions are recorded.
What this article covers
-
Audit log retention
-
Asset retention
-
What the audit log records today
-
What admins can review and export
This article focuses on asset retention and administrative audit logs. It does not cover every other retention setting in the product, such as run or result retention.
Retention policies at a glance
Leapwork Performance currently supports two separate company-level retention controls in this area.
|
Policy |
What it applies to |
Current default |
What happens when the retention window is reached |
|---|---|---|---|
|
Audit log retention |
Administrative audit log records for the company |
90 days |
Older audit log records become eligible for background cleanup |
|
Asset retention |
Soft-deleted assets, including items such as sequences, timelines, and data items |
30 days |
Soft-deleted items become eligible for permanent cleanup |
Both policies are enabled by default in the current implementation.
Audit log retention
Audit log retention controls how long administrative audit records are kept for a company.
What this means in practice
-
New audit events continue to be recorded as normal.
-
Older audit records are removed only after they fall outside the configured retention window.
-
Cleanup runs in the background. It is not something users need to run manually.
Asset retention
Asset retention applies to items that have already been deleted from the workspace and are no longer active.
It does not delete active assets.
What this means in practice
-
A sequence, timeline, or data item must already be deleted before asset retention applies.
-
After the configured retention period, those deleted items become eligible for permanent cleanup.
-
Cleanup runs automatically in the background.
What the audit log captures today
The audit log is action-focused. It records administrative and execution-related events rather than acting as a raw capture of every page view.
Based on the current code, the audit log covers these categories:
|
Category |
Examples of audited activity |
|---|---|
|
Project management |
Create, rename, delete, restore, and permanently delete projects |
|
Asset management |
Create sequences and timelines, import JMX/HAR, rename assets, delete, restore, and permanently delete assets |
|
Data items and sequence editing |
Create and update data items, add or update sequence steps, move or duplicate steps, paste steps, delete steps, update sequence configuration |
|
Timeline updates |
Save or update track item configuration |
|
Test execution |
Start runs, start preview runs, stop runs, clean up executing runs |
|
Recording activity |
Start recording, stop recording, update recording allowlist settings |
|
User and role management |
Create users, invite users, update users, deactivate users, create/update/delete roles, update user-company assignments |
|
Company and domain settings |
Update company settings, valid domains, plan/domain mappings, recording URL governance |
|
Retention settings |
Update audit retention and asset retention policies |
|
Integrations and exports |
Run or stop integration-triggered runs, export audit logs |
What an audit log entry contains
Audit log entries are stored as structured records. In the current implementation, each entry includes these core fields:
|
Field |
Meaning |
|---|---|
|
Timestamp |
When the event was recorded |
|
Actor |
Who performed the action |
|
Actor type |
The role or actor category |
|
Action type |
What kind of action happened, such as create, update, delete, invite, execute, or allocation |
|
Target type |
The area affected, such as project, user account, retention policy, company settings, or integration |
|
Target name |
The specific item or context involved |
|
Outcome |
Whether the action succeeded or failed |
|
Details |
Human-readable event details |
The current implementation also supports correlation-based lookup for related events.
Reviewing and exporting audit logs
Leapwork Performance supports administrative audit log review and export.
In the current implementation, audit logs can be:
-
queried by actor and action type
-
queried by actor
-
queried by correlation ID
-
exported in CSV or Excel format
Access to audit logs depends on your assigned role and company scope. In practice, audit log access is intended for admin-capable roles rather than general contributors or read-only users.
Troubleshooting and common questions
A deleted asset is still visible in the deleted lifecycle. Why has retention not removed it yet?
Asset retention applies only after the item is deleted and the configured retention window has fully passed. Cleanup also runs as a background job rather than immediately at the moment the window is reached.
Will asset retention remove active projects, sequences, or timelines?
No. The current asset retention flow applies to items that have already been deleted. It does not remove active assets.
Are audit logs available forever?
No. Audit logs are subject to the configured audit retention policy. Older records become eligible for cleanup after the retention window.
Can audit logs be exported?
Yes. The current implementation supports audit log export in CSV and Excel format.
Does the audit log only track security settings?
No. It covers a broader set of administrative and execution-related actions, including user management, project and asset changes, execution activity, integrations, and retention policy updates.