System Logs

The System Logs page provides a centralized log viewer with two tabs: Audit Events for tracking administrative actions, and Application Logs for viewing real-time output from your installed applications. Both tabs support filtering, searching, and live streaming.

Admin only

System Logs requires admin privileges (admin.system.logs permission). Navigate to System > System Logs from the sidebar.

Key features

📋 Audit Trail

Complete record of admin actions — logins, settings changes, user management, and software operations

📄 Application Logs

View log output from any installed application with real-time streaming

🔍 Search & Filter

Filter audit events by user, action type, and date range to find exactly what you need

📡 Live Streaming

Stream log output in real time via server-sent events — no manual refresh needed

📤 Export

Export audit event logs for offline analysis or compliance reporting

🧹 Log Cleanup

Purge old audit events to manage database size

Audit Events tab

The Audit Events tab displays a searchable, filterable record of all administrative actions performed on the server. Every login attempt, settings change, user management action, and software operation is logged with timestamps and the acting user.

What gets logged

Audit events cover the following action types:

Authentication — Login attempts (successful and failed), logouts, session expirations
User management — User creation, deletion, bans, unbans, role changes, password resets
Settings changes — Any modification to system settings, security settings, or registration policies
Software operations — Application installs, removals, reinstalls, and updates
System actions — SSL certificate operations, VPN changes, maintenance mode toggles

Filtering events

Use the filter controls above the event list to narrow results:

User — Show events from a specific user
Action type — Filter by event category (authentication, user management, settings, etc.)
Date range — Limit results to a specific time period

Each event row can be expanded to reveal additional detail including the full action description, affected resource, and any associated metadata.

Exporting and purging

Export — Download the current filtered view of audit events for archival or analysis
Purge — Remove old audit events from the database to manage disk usage. Use the date filter to target events older than a specific date before purging

Purging is permanent

Purged audit events cannot be recovered. Export your logs before purging if you need to retain them for compliance or reference.

Live streaming

New audit events appear automatically as they occur — the tab streams events in real time. You do not need to refresh the page to see new entries.

Application Logs tab

The Application Logs tab lets you view log output from any installed application on your server.

Viewing logs

Select an application — Choose from the dropdown list of installed applications
Stream output — Log lines appear in real time as the application writes them
Search — Search within the current log output to find specific entries

The log viewer streams output directly from the application’s log files using server-sent events, so you see new entries as they are written — similar to running tail -f on the server.

CLI equivalent

Dashboard Action	CLI Command
Generate diagnostic log bundle	`qb generate log`
Clean user action logs	`qb clean user_action_logs`
Clean system action logs	`qb clean system_action_logs`

Dashboard advantage

The dashboard provides a visual log viewer with real-time streaming, filtering, and export capabilities that are not available through the CLI. The CLI log commands generate a diagnostic bundle or clean stored logs.

Best practices

Do

Review audit events regularly to stay aware of admin actions on your server — especially login failures and user management changes
Export audit logs periodically if you need to maintain a compliance trail or long-term record
Use the date filter before purging to target only events older than your retention requirement
Use the application log viewer to troubleshoot issues before SSHing into the server — it is often faster

Don't

Don't purge audit events without exporting first if you may need them for compliance or troubleshooting
Don't ignore repeated failed login attempts in the audit log — they may indicate a brute-force attempt
Don't leave the log viewer streaming indefinitely on a busy server — it consumes bandwidth while active

FAQ

Audit events are retained indefinitely until you manually purge them. There is no automatic expiration. If your database is growing large, use the purge function to remove old events.

Yes. The Application Logs tab reads from the application's log file on disk, so historical log entries are available even if the application is stopped. Live streaming will resume when the application starts writing to its log file again.

Audit events are structured records of admin actions within the dashboard (logins, settings changes, user management). Application logs are the raw log output from installed software like Plex, Sonarr, or qBittorrent — the same output you would see by reading the application's log file on the server.

No. System Logs requires the admin.system.logs permission, which is only available to admin roles. Regular users cannot access this page.

System Monitoring

Monitor server health, resource usage, and service status

Updates & Changelog

Check for updates and view release notes

Security Settings

Manage IP bans and security policies

User Admin

Manage users — actions are logged in the audit trail

Join the Community

Media server operators sharing configs, getting support, and shaping the future of QuickBox Pro.

Dedicated Support

Feature Previews

Community Configs

Active Discussions

Join Discord Server