diff --git a/docs.json b/docs.json
index 41470dc..637474d 100644
--- a/docs.json
+++ b/docs.json
@@ -89,6 +89,14 @@
"manage/remote-node/config-file"
]
},
+ {
+ "group": "Analytics",
+ "pages": [
+ "manage/analytics/request",
+ "manage/analytics/access",
+ "manage/analytics/action"
+ ]
+ },
"manage/domains",
"manage/integration-api",
"manage/branding"
diff --git a/manage/analytics/access.mdx b/manage/analytics/access.mdx
new file mode 100644
index 0000000..cfc5690
--- /dev/null
+++ b/manage/analytics/access.mdx
@@ -0,0 +1,44 @@
+---
+title: "Access Logs"
+description: "Access logs are a record of each access attempt to a Pangolin resource"
+---
+
+Access logs provide detailed information about each access attempt made to your Pangolin resources. These logs help you monitor and analyze user activity each time they attempt to authenticate.
+
+ Make sure to enable access logs in the org settings
+
+## What are Access Logs?
+
+Access logs capture authentication events when users or API keys attempt to access a resource. They record whether the authentication was successful or failed, along with contextual information about the attempt. These logs are useful for:
+
+- Monitoring authentication patterns and login attempts
+- Tracking which users are accessing which resources
+- Identifying failed authentication attempts for security analysis
+- Understanding geographic distribution of access attempts
+- Analyzing user agent and device information
+
+## Access Log Fields
+
+Each access log entry contains the following fields:
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `timestamp` | number | Unix timestamp (in seconds) when the access attempt occurred |
+| `action` | boolean | Whether the access was allowed (`true`) or denied (`false`) |
+| `type` | string | The type of authentication event (e.g., "login", "password", "pincode") |
+| `actorType` | string | The type of actor making the access attempt ("user" or "apiKey") |
+| `actor` | string | The display name of the actor (username or API key name) |
+| `actorId` | string | The unique identifier for the actor (user ID or API key ID) |
+| `resourceId` | number | The ID of the resource being accessed (if applicable) |
+| `ip` | string | The IP address of the client making the access attempt |
+| `location` | string | The geographic location (country code) based on IP address |
+| `userAgent` | string | The user agent string of the client browser or application |
+| `metadata` | string | Additional contextual information in JSON format |
+
+## Log Retention
+
+Access log retention is controlled by the organization setting. By default, access logs are retained for 0 days (disabled).
+
+## Exporting
+
+Logs can be exported into CSV format for external analysis and archival. Logs can be exported from the table view in the Pangolin dashboard or via the Pangolin API. When exporting, you can specify date ranges and filters to narrow down the logs you need.
\ No newline at end of file
diff --git a/manage/analytics/action.mdx b/manage/analytics/action.mdx
new file mode 100644
index 0000000..bfec5bc
--- /dev/null
+++ b/manage/analytics/action.mdx
@@ -0,0 +1,39 @@
+---
+title: "Action Logs"
+description: "Action logs are a record of each event taken by users in the Pangolin system"
+---
+
+Action logs provide an audit trail of administrative actions and configuration changes made within your Pangolin organization. These logs help you track who made what changes and when.
+
+ Make sure to enable access logs in the org settings
+
+## What are Action Logs?
+
+Action logs capture administrative events and configuration changes performed by users or API keys in the Pangolin dashboard. They record management operations such as creating resources, modifying settings, managing users, and other organizational changes. These logs are useful for:
+
+- Maintaining an audit trail of configuration changes
+- Tracking administrative actions for compliance
+- Identifying who made specific changes to your infrastructure
+- Troubleshooting configuration issues by reviewing recent changes
+- Meeting security and compliance requirements
+
+## Action Log Fields
+
+Each action log entry contains the following fields:
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `timestamp` | number | Unix timestamp (in seconds) when the action was performed |
+| `action` | string | The specific action that was performed (e.g., "createResource", "updateUser", "deleteTarget") |
+| `actorType` | string | The type of actor performing the action ("user" or "apiKey") |
+| `actor` | string | The display name of the actor (username or API key name) |
+| `actorId` | string | The unique identifier for the actor (user ID or API key ID) |
+| `metadata` | string | Additional contextual information about the action in JSON format (often contains request parameters) |
+
+## Log Retention
+
+Action log retention is controlled by the organization settings. By default, action logs are retained for 0 days (disabled).
+
+## Exporting
+
+Logs can be exported into CSV format for external analysis and archival. Logs can be exported from the table view in the Pangolin dashboard or via the Pangolin API. When exporting, you can specify date ranges and filters to narrow down the logs you need.
\ No newline at end of file
diff --git a/manage/analytics/request.mdx b/manage/analytics/request.mdx
new file mode 100644
index 0000000..0dce459
--- /dev/null
+++ b/manage/analytics/request.mdx
@@ -0,0 +1,55 @@
+---
+title: "Request Logs"
+description: "Request logs are a record of each HTTP request to a resource"
+---
+
+Request logs provide detailed information about every HTTP request made to your Pangolin resources. These logs capture both successful and denied requests along with comprehensive request metadata.
+
+## What are Request Logs?
+
+Request logs capture every HTTP request that passes through Pangolin's reverse proxy, including the request details, the decision made (allow or deny), and the reason for that decision. These logs are useful for:
+
+- Monitoring traffic patterns and request volumes
+- Debugging access issues and rule configurations
+- Analyzing API usage and endpoint popularity
+- Understanding geographic distribution of requests
+- Identifying potential security threats or unusual traffic patterns
+- Troubleshooting connectivity and routing issues
+
+## Request Log Fields
+
+Each request log entry contains the following fields:
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `timestamp` | number | Unix timestamp (in seconds) when the request was made |
+| `action` | boolean | Whether the request was allowed (`true`) or denied (`false`) |
+| `reason` | number | Numeric code indicating the reason for the decision |
+| `actorType` | string | The type of actor making the request ("user", "apiKey", or null for anonymous) |
+| `actor` | string | The display name of the authenticated actor (username or API key name) |
+| `actorId` | string | The unique identifier for the authenticated actor |
+| `resourceId` | number | The ID of the resource that received the request |
+| `ip` | string | The IP address of the client making the request |
+| `location` | string | The geographic location (country code) based on IP address |
+| `userAgent` | string | The user agent string of the client browser or application |
+| `metadata` | string | Additional contextual information in JSON format |
+| `headers` | string | HTTP request headers in JSON format |
+| `query` | string | URL query parameters in JSON format |
+| `originalRequestURL` | string | The full original URL of the request |
+| `scheme` | string | The protocol scheme (http or https) |
+| `host` | string | The hostname from the request |
+| `path` | string | The URL path of the request |
+| `method` | string | The HTTP method (GET, POST, PUT, DELETE, etc.) |
+| `tls` | boolean | Whether the connection used TLS/SSL |
+
+## Log Retention
+
+Request log retention is controlled by the organization setting. By default, request logs are retained for 7 days.
+
+
+Request logs can generate significant data volume depending on your traffic. Consider your storage capacity when configuring retention periods.
+
+
+## Exporting
+
+Logs can be exported into CSV format for external analysis and archival. Logs can be exported from the table view in the Pangolin dashboard or via the Pangolin API. When exporting, you can specify date ranges and filters to narrow down the logs you need.
\ No newline at end of file