An append-only paper trail.
Every state-changing action lands in the audit log with actor, target, IP, user-agent, and a structured diff. Queryable by org, user, or aggregate.
What gets logged, automatically.
Every command
Application services emit AuditEvent records when commands succeed. Domain stays clean; the bus does the writing.
Structured diffs
Before/after snapshots of changed fields. JSON, queryable, indexed.
Actor + context
User ID, org ID, IP, UA, request ID. Impersonation captured separately so support actions are auditable.
Anonymization
After GDPR hard-delete, actor IDs are replaced with tombstones. The trail survives; identity does not.
Why a separate log instead of just DB triggers?
Triggers can't see the application context — who clicked what, from where, with which intent. The audit log is written from the application layer, captures the use case name, and ships with a CLI to reconstruct an aggregate at any point in time.
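A minimal Python sketch of the model described above, added here as an illustration and not the product's own code or CLI: the `AuditEvent` field names, the function names and the sample events are assumptions. It replays structured diffs to rebuild one aggregate at a point in time, and replaces a deleted user's IDs with a tombstone without breaking that replay.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timezone
from typing import Optional

@dataclass(frozen=True)
class AuditEvent:  # hypothetical record shape; field names are assumptions
    at: datetime
    use_case: str
    actor_id: str
    org_id: str
    ip: str
    user_agent: str
    request_id: str
    target: str   # aggregate ID
    diff: dict    # field -> (before, after)
    impersonator_id: Optional[str] = None  # support user acting as actor_id

def reconstruct(log, target, as_of):
    """Replay one aggregate's diffs up to as_of; fail if the chain is broken."""
    state = {}
    events = sorted((e for e in log if e.target == target and e.at <= as_of),
                    key=lambda e: e.at)
    for ev in events:
        for field, (before, after) in ev.diff.items():
            if state.get(field) != before:  # missing or altered earlier event
                raise ValueError(f"{ev.request_id}: '{field}' does not match trail")
            state[field] = after
    return state

def anonymize(log, user_id, tombstone):
    """Copy the log with one user's IDs replaced; diffs and context are kept."""
    swap = lambda v: tombstone if v == user_id else v
    return [replace(e, actor_id=swap(e.actor_id),
                    impersonator_id=swap(e.impersonator_id)) for e in log]

def ts(hour):
    return datetime(2024, 1, 1, hour, tzinfo=timezone.utc)

# Constructed sample events (not real data).
LOG = [
    AuditEvent(ts(9), "CreateInvoice", "u-17", "org-1", "203.0.113.5", "Mozilla/5.0",
               "req-1", "invoice-42", {"status": (None, "draft"), "total": (None, 100)}),
    AuditEvent(ts(10), "UpdateInvoiceTotal", "u-17", "org-1", "203.0.113.5", "Mozilla/5.0",
               "req-2", "invoice-42", {"total": (100, 250)}),
    AuditEvent(ts(11), "VoidInvoice", "u-17", "org-1", "198.51.100.7", "Mozilla/5.0",
               "req-3", "invoice-42", {"status": ("draft", "void")}, "support-3"),
]

if __name__ == "__main__":
    print(reconstruct(LOG, "invoice-42", ts(10)))
    print({e.actor_id for e in anonymize(LOG, "u-17", "tombstone-0001")})
```

This sketch replaces IDs only, as the page describes; before/after values inside a diff can themselves hold personal data and would need their own handling.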
SOC 2 starts here.
A paper trail your security team will recognize as serious.