Skip to main content
The Activity Log is Xobito’s built-in audit trail. Whenever a staff member does something meaningful — creates a contact, sends a campaign, submits a template to Meta, edits a bot, adds or removes another staff member — Xobito writes a row into the log.
The Activity Log is scoped to your workspace. Entries never leak between workspaces, and they’re not visible to any other tenant or to the Xobito team unless you actively share them during support.

What gets logged

Not every click is logged — only actions that change state. A non-exhaustive list:
  • Contact created, edited, deleted, bulk-imported
  • Campaign created, edited, sent, deleted
  • Template created, submitted to Meta, edited, deleted
  • Bot Flow, Message Bot, or Template Bot created / edited / deleted / enabled / disabled / cloned
  • Staff member invited, edited, removed
  • Role created, edited, deleted
  • Connection to Meta Business made or broken
  • WhatsApp or System settings changed
  • Custom fields, groups, sources, statuses created / edited / deleted
  • Canned replies and AI prompts created / edited / deleted
Every entry captures:
FieldPurpose
UserWhich staff member (or the workspace owner) triggered the action
ActionWhat happened — e.g. “created contact”, “deleted campaign”
TargetThe specific record affected (with ID where relevant)
TimestampWhen the action was taken
IP / user agentWhere applicable, for security audits

Open the Activity Log

Go to Team → Activity Log.
Activity log page
The log is a straightforward reverse-chronological table. The newest action is at the top.

Filtering

Use the filters at the top of the page to narrow the log down:
  • User — show only actions by one staff member.
  • Date range — restrict the time window.
  • Action type — filter to a specific kind of action (where available).
When investigating something like “the welcome bot is suddenly replying wrong”, filter by the bot’s name and last 7 days. You’ll see every change applied to it in order, with the responsible user against each.

Purging the log

Users with tenant.activity_log.delete can delete entries.
Deleting Activity Log entries is permanent and unrecoverable. Xobito does not keep a backup of the log separately from the log itself. Only give the tenant.activity_log.delete permission to the very small number of people who legitimately need it.
Common reasons for purging:
  • Housekeeping after a very old, very large workspace has accumulated years of entries.
  • Responding to a data-protection request.
For most workspaces, the right answer is to leave the log alone and never delete entries. Disk usage from the log is usually negligible.

Permissions

PermissionAllows
tenant.activity_log.viewRead the Activity Log
tenant.activity_log.deletePurge entries from the Activity Log
The workspace owner has both automatically.

Storage

Activity Log entries are kept in the wm_activity_logs table on your tenant database. They persist until explicitly deleted. If you’re running your own backup process against the Xobito database, make sure this table is included.

Common investigations

Filter by the flow’s target name (or just by recent Bot Flow actions) and look for edit entries. Each edit shows the user and the timestamp.
Filter to deleted actions in the relevant day. The target column shows the template name and ID, so you can match it even if the template itself is gone.
Filter by the user you suspect and look for “campaign sent” entries. The campaign ID links back to the campaign record.
Filter to actions on WhatsApp Settings or Connect Account. Changes here are rare and almost always meaningful when they happen.

Roles & Permissions

Control who can view or purge the Activity Log.

Staff Members

See who currently has access and to what.