add logs fields to logs

Author: ellakz

docs/cloud/features/collaboration-and-communication/audit_logs/index.mdx

@@ -0,0 +1,36 @@
+---
+title: Logs
+sidebarTitle: Logs
+---
+
+The **Logs** feature allows workspace admins to track and export both user actions and system-level events across the platform. This includes user configuration changes, data synchronization events, and alert deliveries.
+
+This feature provides visibility into workspace activity and helps support audit readiness, team coordination, operational monitoring, and troubleshooting.
+
+## Log Types
+
+- **[User Activity Logs](/cloud/features/collaboration-and-communication/audit_logs/user-activity-logs)** - Track changes made by users across the system
+- **[System Logs](/cloud/features/collaboration-and-communication/audit_logs/system-logs)** - Track system-level events and operations
+
+## How to Access Logs
+
+Once enabled for your account, access the logs:
+
+<Frame>
+  <div className="dark:bg-white rounded-md p-4">
+    <img
+      height ="400"
+      width="400"
+      src="https://res.cloudinary.com/do5hrgokq/image/upload/v1751204715/logs_fqsfbb.png"
+    />
+  </div>
+</Frame>
+
+1. Click on your **account name** in the top-right corner of the UI
+2. Open the dropdown menu
+3. Select **Logs**
+4. Choose **User Activity Logs** or **System Logs** from the log type selector
+5. Select the number of days to look back
+6. Click **Export** to download the log as a **CSV file**
+
+You can open the CSV in any spreadsheet tool to review and filter the activity as needed.

docs/cloud/features/collaboration-and-communication/audit_logs/system-logs.mdx

@@ -0,0 +1,45 @@
+---
+title: System Logs
+sidebarTitle: System Logs
+---
+
+System logs track system-level events and operations, including data synchronization events and alert deliveries that help with monitoring system operations and troubleshooting.
+
+## What's Included
+
+The system logs capture system-level events and operations across your workspace, including:
+
+- **Data synchronization events**, including:
+    - Beginning and end of synchronization with dbt
+    - Beginning and end of data warehouse (DWH) synchronization
+    - Beginning and end of business intelligence (BI) synchronization
+- **Alert deliveries** - When alerts are sent to configured destinations
+
+## Fields
+
+The exported CSV file for system logs includes the following fields:
+
+- **Timestamp** - The date and time when the event occurred (in UTC, ISO 8601 format)
+  - *Example:* `"2024-01-15T14:30:45.123456+00:00"`
+
+- **Event Name** - The specific action that was performed
+  - *Examples:* `"dbt_data_sync_started"`, `"dbt_data_sync_completed"`, `"dwh_data_sync_started"`, `"dwh_data_sync_completed"`, `"bi_data_sync_started"`, `"bi_data_sync_completed"`, `"alerts_sent"`
+  - *Example:* `"dbt_data_sync_completed"` or `"alerts_sent"`
+
+- **Success** - Whether the action completed successfully
+  - *Values:* `"True"` or `"False"` (as strings in CSV)
+  - *Example:* `"True"` or `"False"`
+
+- **Event Content** - Additional context-specific information about the action (stored as a JSON string)
+  - The contents vary by action type. For example:
+    - For sync actions: `{"environment_id": "env_789", "environment_name": "Production"}`
+    - For alert delivery actions: `{"alert_count": 5, "destination": "slack"}`
+  - *Example:* `{"environment_id": "env_789", "environment_name": "Production"}`
+
+- **Env ID** - The environment identifier where the action occurred
+  - *Example:* `"env_7890123456abcdef"`
+
+- **Env Name** - The name of the environment where the action occurred
+  - *Example:* `"Production"` or `"Staging"`
+
+**Note:** System logs do not include user information fields since they represent automated system operations rather than user-initiated actions.

docs/cloud/features/collaboration-and-communication/audit_logs/user-activity-logs.mdx

@@ -0,0 +1,56 @@
+---
+title: User Activity Logs
+sidebarTitle: User Activity Logs
+---
+
+User activity logs track changes made by users across the system, including actions such as creating, editing, or deleting tests, monitors, metadata, and other configurations.
+
+## What's Included
+
+The user activity logs capture a wide range of user actions across your workspace, including:
+
+- **User login and logout events**
+- **Failed login attempts** (when applicable)
+- **Creation, modification, or deletion of configuration**, including:
+    - Adding, editing, or deleting tests
+    - Adding, editing, deleting, or archiving alert rules
+    - Acknowledging, resolving, or assigning incidents
+    - Adding, editing, or deleting metadata (owners, descriptions, tags, critical assets)
+    - Adding, editing, or deleting integrations
+    - Sending team member invites
+    - Changing user roles
+
+## Fields
+
+The exported CSV file for user activity logs includes the following fields:
+
+- **Timestamp** - The date and time when the event occurred (in UTC, ISO 8601 format)
+  - *Example:* `"2024-01-15T14:30:45.123456+00:00"`
+
+- **User Email** - The email address of the user who performed the action
+  - *Example:* `"[email protected]"`
+
+- **User Name** - The display name of the user who performed the action
+  - *Example:* `"John Doe"`
+
+- **Event Name** - The specific action that was performed
+  - *Examples:* `"user_login"`, `"create_test"`, `"edit_alert_rule"`, `"assign_incident"`, `"create_alert_rule"`, `"edit_metadata"`, `"delete_test"`, `"invite_team_member"`, `"change_user_role"`
+  - *Example:* `"user_login"` or `"create_test"`
+
+- **Success** - Whether the action completed successfully
+  - *Values:* `"True"` or `"False"` (as strings in CSV)
+  - *Example:* `"True"` or `"False"`
+
+- **Event Content** - Additional context-specific information about the action (stored as a JSON string)
+  - The contents vary by action type. For example:
+    - For incident actions: `{"incident_id": "inc_123", "incident_summary": "Test failure detected"}`
+    - For test actions: `{"test_id": "test_456", "test_name": "assert_no_null_values"}`
+    - For alert rule actions: `{"alert_routing_rule_id": "rule_789", "alert_routing_rule": {...}}`
+    - For metadata actions: `{"asset_id": "asset_123", "metadata_type": "owner"}`
+  - *Example:* `{"incident_id": "inc_123", "incident_summary": "Test failure detected"}`
+
+- **Env ID** - The environment identifier where the action occurred. Empty for account-level actions like login/logout that aren't tied to a specific environment.
+  - *Example:* `"env_7890123456abcdef"`
+
+- **Env Name** - The name of the environment where the action occurred. Empty for account-level actions like login/logout that aren't tied to a specific environment.
+  - *Example:* `"Production"` or `"Staging"`

docs/cloud/features/collaboration-and-communication/logs.mdx

@@ -156,7 +156,7 @@
               },
               "cloud/features/roles-and-permissions",
               "cloud/features/ci",
-              "cloud/features/collaboration-and-communication/logs"
+              "cloud/features/collaboration-and-communication/audit_logs"
             ]
           },
           {