All mutations in both Plural and the Plural Console have full audit logging, which can be attributed back to the actor and IP address responsible. You can view the Plural audit logs here: https://app.plural.sh/audits and should be able to see a table of actions, the resources acted upon and the actor looking somewhat like
- Docs
- Operations
- Auth & Access Control
- Identity and Installations
- Audit Logging