diff --git a/coderd/audit.go b/coderd/audit.go
index 72b27690fb179..08f070fdb929d 100644
--- a/coderd/audit.go
+++ b/coderd/audit.go
@@ -180,9 +180,8 @@ func (api *API) convertAuditLogs(ctx context.Context, dblogs []database.GetAudit
 }
 
 type AdditionalFields struct {
-	WorkspaceName  string
-	BuildNumber    string
-	WorkspaceOwner string
+	WorkspaceName string
+	BuildNumber   string
 }
 
 func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog {
@@ -218,9 +217,8 @@ func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogs
 	if err != nil {
 		api.Logger.Error(ctx, "unmarshal additional fields", slog.Error(err))
 		resourceInfo := map[string]string{
-			"workspaceName":  "unknown",
-			"buildNumber":    "unknown",
-			"workspaceOwner": "unknown",
+			"workspaceName": "unknown",
+			"buildNumber":   "unknown",
 		}
 		dblog.AdditionalFields, err = json.Marshal(resourceInfo)
 		api.Logger.Error(ctx, "marshal additional fields", slog.Error(err))
@@ -233,7 +231,7 @@ func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogs
 	if isDeleted {
 		resourceLink = ""
 	} else {
-		resourceLink = auditLogResourceLink(dblog, additionalFields)
+		resourceLink = api.auditLogResourceLink(ctx, dblog, additionalFields)
 	}
 
 	return codersdk.AuditLog{
@@ -343,7 +341,7 @@ func (api *API) auditLogIsResourceDeleted(ctx context.Context, alog database.Get
 	}
 }
 
-func auditLogResourceLink(alog database.GetAuditLogsOffsetRow, additionalFields AdditionalFields) string {
+func (api *API) auditLogResourceLink(ctx context.Context, alog database.GetAuditLogsOffsetRow, additionalFields AdditionalFields) string {
 	switch alog.ResourceType {
 	case database.ResourceTypeTemplate:
 		return fmt.Sprintf("/templates/%s",
@@ -352,18 +350,34 @@ func auditLogResourceLink(alog database.GetAuditLogsOffsetRow, additionalFields
 		return fmt.Sprintf("/users?filter=%s",
 			alog.ResourceTarget)
 	case database.ResourceTypeWorkspace:
-		workspaceOwner := alog.UserUsername.String
-		if len(additionalFields.WorkspaceOwner) != 0 && additionalFields.WorkspaceOwner != "unknown" {
-			workspaceOwner = additionalFields.WorkspaceOwner
+		workspace, getWorkspaceErr := api.Database.GetWorkspaceByID(ctx, alog.ResourceID)
+		if getWorkspaceErr != nil {
+			return ""
+		}
+		workspaceOwner, getWorkspaceOwnerErr := api.Database.GetUserByID(ctx, workspace.OwnerID)
+		if getWorkspaceOwnerErr != nil {
+			return ""
 		}
 		return fmt.Sprintf("/@%s/%s",
-			workspaceOwner, alog.ResourceTarget)
+			workspaceOwner.Username, alog.ResourceTarget)
 	case database.ResourceTypeWorkspaceBuild:
 		if len(additionalFields.WorkspaceName) == 0 || len(additionalFields.BuildNumber) == 0 {
 			return ""
 		}
+		workspaceBuild, getWorkspaceBuildErr := api.Database.GetWorkspaceBuildByID(ctx, alog.ResourceID)
+		if getWorkspaceBuildErr != nil {
+			return ""
+		}
+		workspace, getWorkspaceErr := api.Database.GetWorkspaceByID(ctx, workspaceBuild.WorkspaceID)
+		if getWorkspaceErr != nil {
+			return ""
+		}
+		workspaceOwner, getWorkspaceOwnerErr := api.Database.GetUserByID(ctx, workspace.OwnerID)
+		if getWorkspaceOwnerErr != nil {
+			return ""
+		}
 		return fmt.Sprintf("/@%s/%s/builds/%s",
-			alog.UserUsername.String, additionalFields.WorkspaceName, additionalFields.BuildNumber)
+			workspaceOwner.Username, additionalFields.WorkspaceName, additionalFields.BuildNumber)
 	default:
 		return ""
 	}
diff --git a/coderd/workspaces.go b/coderd/workspaces.go
index 6ef629fe47bd0..23242f619f981 100644
--- a/coderd/workspaces.go
+++ b/coderd/workspaces.go
@@ -279,27 +279,19 @@ func (api *API) workspaceByOwnerAndName(rw http.ResponseWriter, r *http.Request)
 // Create a new workspace for the currently authenticated user.
 func (api *API) postWorkspacesByOrganization(rw http.ResponseWriter, r *http.Request) {
 	var (
-		ctx                   = r.Context()
-		organization          = httpmw.OrganizationParam(r)
-		apiKey                = httpmw.APIKey(r)
-		auditor               = api.Auditor.Load()
-		user                  = httpmw.UserParam(r)
-		workspaceResourceInfo = map[string]string{
-			"workspaceOwner": user.Username,
-		}
+		ctx               = r.Context()
+		organization      = httpmw.OrganizationParam(r)
+		apiKey            = httpmw.APIKey(r)
+		auditor           = api.Auditor.Load()
+		user              = httpmw.UserParam(r)
+		aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{
+			Audit:   *auditor,
+			Log:     api.Logger,
+			Request: r,
+			Action:  database.AuditActionCreate,
+		})
 	)
-	wriBytes, err := json.Marshal(workspaceResourceInfo)
-	if err != nil {
-		api.Logger.Warn(ctx, "marshal workspace owner name")
-	}
 
-	aReq, commitAudit := audit.InitRequest[database.Workspace](rw, &audit.RequestParams{
-		Audit:            *auditor,
-		Log:              api.Logger,
-		Request:          r,
-		Action:           database.AuditActionCreate,
-		AdditionalFields: wriBytes,
-	})
 	defer commitAudit()
 
 	if !api.Authorize(r, rbac.ActionCreate,