Track Tailnet Changes with Tailscale Configuration Audit Logs

Tailscale has introduced configuration audit logs, currently in beta, to enhance the security and integrity of tailnets by allowing network admins to track changes made to their network configurations. These logs, accessible via the admin console and API, provide a detailed record of modifications such as adding devices, updating ACLs, or changing DNS settings. They enable admins and auditors to filter events by user, time, and action, and offer capabilities for monitoring, auditing, and reversing changes as part of incident responses. The logs capture write-actions almost instantaneously and are retained for 90 days, with options for exporting them to long-term storage via the API. This feature is designed to aid in maintaining compliance and security by allowing detailed visibility into network configuration changes and ensuring adherence to access policies.