Go to Audit → Configuration → Audit Configuration and click New. Here you define exactly what to monitor and who to monitor it for.

• Configuration Name: Give your rule a meaningful name, e.g. "Sale order Audit".
• Model to Audit: Select the Odoo model you want to track — e.g. Sales Order, Invoice, User.
• Apply to All Users: Toggle ON to monitor every user, or toggle OFF to select specific users.
• Operations to Track: Enable any combination of Track Create, Track Write, Track Read, Track Delete.
• Field Tracking: Leave Fields to Track empty to track all fields, or select specific fields to narrow the scope.

📷 Screenshot — Audit Configuration Form

The screenshot shows a live configuration named "Sale order Audit" targeting the Sales Order model. Track Create, Track Write, and Track Delete are enabled. Track Read is deliberately left off to avoid log flooding. Apply to All Users is checked, meaning every user's actions on Sale Orders will be captured. The Fields to Track is left empty — the system will automatically record all field changes. The Help tab at the bottom provides an inline guide for quick reference.

Navigate to Audit → Audit Logs to see a real-time list of all captured activities. Every row represents one recorded action performed by a user in the system.

• Action Date: The exact timestamp of when the action occurred.
• User: The Odoo user who performed the action (e.g. Mitchell Admin).
• Model: The Odoo model that was affected (e.g. Sales Order, User).
• Record ID: The internal database ID of the specific record that was touched.
• Operation: The type of action — Create, Write, Delete, or Read.
• Changed Fields: If a Write operation, this column shows which specific field names were modified (e.g. state, groups_id, tz, signature).
• IP Address: The network address of the user who performed the action — vital for security investigation.

📷 Screenshot — Audit Logs List View

The screenshot shows 9 audit records captured in the last 7 days, covering two models: User and Sales Order. You can see a variety of operations: multiple Write entries recording field-level changes like image_1920, tz, signature, and groups_id, one Create entry, one Delete entry for Sales Order ID 4, and a Write on the state field of Sales Order ID 4. All entries correctly show the IP Address 127.0.0.1, confirming the system is capturing network information. You can use the Last 7 Days quick filter (visible in the search bar), or search by user, model, or operation type.

Click on any row in the Audit Logs list to open its complete detail view. This gives you a full forensic record of exactly what changed during that operation.

• Header: Shows the User, the Operation type, the Model, its Technical Name, the exact Record ID, and the precise Action Date with timestamp.
• IP Address: The network address is displayed prominently to confirm who accessed the system and from where.
• Field Changes tab: Lists only the fields that were actually modified during a Write operation.
• New Values tab: Shows a complete JSON snapshot of all field values after the operation was performed. For a Create operation, this is the full initial data of the record.
• Old Values tab: Shows the field values before the change — available for Write operations to enable before/after comparison.

📷 Screenshot — Audit Log Detail (Create Operation on User)

This screenshot shows the detail view for a Create operation on the User model (res.users), Record ID 11, performed by Mitchell Admin at 03/12/2026 11:22:47 from IP 127.0.0.1. The New Values tab is active and shows a complete JSON snapshot of all field values at the time of user creation. This level of detail makes it possible to fully reconstruct the exact state of any record at the moment it was created.

To maintain database performance, go to Audit → Configuration → Clear Audit Logs. A safe wizard opens with full filter controls — giving Audit Managers precise control over which logs to delete.

• Clear All Logs toggle: When enabled, clears every audit log in the system (with a prominent warning before proceeding).
• Filter Options — Models: Restrict deletion to logs from a specific model only (e.g. clear only Sales Order logs).
• Filter Options — Users: Delete logs for one specific user without affecting others.
• Filter Options — Date From / Date To: Clear only logs within a specific date range to preserve recent history.
• Operations to Clear: Choose exactly which operation types to remove — Clear Create Operations, Clear Write Operations, Clear Read Operations, Clear Delete Operations. Each can be toggled independently.
• Delete Logs button: Red confirmation button — executes the deletion only after the manager reviews all selected filters.

📷 Screenshot — Clear Audit Logs Wizard

The screenshot shows the Clear Audit Logs dialog open over the Audit Configuration list. The wizard clearly displays a yellow warning banner for managers. The Filter Options section lets you target by Models and Users, and restrict by Date From and Date To. The Operations to Clear section provides four independent checkboxes. The prominent red "Delete Logs" button ensures the action is deliberate.