Use case

Answer 'what did this user actually do' in 10 seconds

Query every event by actor id to rebuild a minute-by-minute timeline of what a user did. Perfect for support investigations, bug reports, and replaying the context of a complaint.

Start logging for freeRead the API reference
The problem

A customer opens a ticket: 'I never clicked that button'. Or 'my file disappeared'. Or 'the checkout charged me twice'. Your database has rows, but rows do not tell a story. Stitching a timeline together from Postgres, Stripe, Segment and Sentry is a full afternoon of work, and you still miss half the context.

The Recalled way

Every user action is already logged as an event in Recalled, with `actor.id` set consistently to your own user id. When a ticket lands, filter the event list by that actor and you get a minute-by-minute timeline: logins, form edits, button clicks, API errors, billing changes. Pagination is cursor-based so a heavy user still loads fast. Support teams self-serve via the Recalled dashboard; engineering queries the REST API from Sentry links.

Query the events API
// Later, in your support back-office:
const events = await recalled.events.list({
  actor: userId,
  limit: 50,
  order: "desc",
});

Why teams use Recalled for user timelines

  • Actor-first query model

    Filter any event list by `actor` to get a single user's history. No schema design, no joins, no SQL.

  • Cursor pagination

    Even power users with thousands of events load in milliseconds. The dashboard and API both use the same cursor protocol.

  • Full-text search

    Search across action, actor name, actor email and metadata. Find 'that one checkout that failed' without knowing the exact wording.

  • Context in metadata

    Store IP, user agent, request id, resource version in metadata. Your timeline has the fingerprints of each action, not just its name.

Related use cases

Give support the full context

Mint a short-lived embed token server-side, drop the `<RecalledFeed />` React component into your support tool, and give your agents the last 25 actions of the customer without switching tabs.

Log every security event

Log authentication events with actor, IP, user agent and outcome. Detect credential stuffing, replay suspicious sessions, and prove to enterprise customers that security matters to you.

Your next audit log is 2 minutes away

Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.

Start for freeRead the docs