Security Considerations
Access Control:
- Only owners and admins can view audit logs
- API queries are intended to scope logs by organization; public cross-tenant coverage evidence is still being expanded
- Deleted users still appear in logs (email preserved)
- Platform owners cannot access organization audit logs (privacy)
Data Retention:
- The API does not expose general deletion; verify actual database retention and cleanup behavior
- Define retention based on applicable operational and legal requirements
- Export logs regularly for archival
- Logs survive organization deletion (platform-level cleanup required)
Sensitive Information:
- Passwords, secrets, and OAuth tokens are intended to be excluded; verify redaction against the release and custom integrations you deploy
- API keys are logged by ID only (not full key)
- Personal data (email) is logged for accountability
- Consider GDPR right to erasure when deleting users
Performance:
- Audit-log volume can become large over time
- Use pagination to avoid timeouts
- Filter by action or target to reduce dataset size
- Consider exporting to external log management system (e.g., Splunk, Datadog)
Tamper Protection:
- The public API does not expose audit-log mutation or deletion operations
- Database administrators and infrastructure controls remain inside the trust boundary, so this is not a tamper-proof or immutable-storage guarantee
- Actor information captured at event time (not dynamic)
- Timestamps are server-side (cannot be spoofed)
Best Practices
Regular Review:
- Review audit logs weekly for unusual activity
- Set up automated alerts for critical events
- Export logs monthly for archival
- Investigate all failed actions
Filtering Strategies:
- Start broad, then narrow down with filters
- Use
actionfilter for specific event types - Use
target_type+target_idfor resource history - Export to external tools for advanced analytics
Control-program use:
- Document audit log retention policy
- Export logs regularly for long-term storage
- Include audit logs in security audits
- Train team on audit log interpretation
Security Monitoring:
- Alert on critical events (service deletion, user removal)
- Monitor for unusual IP addresses
- Track failed actions for potential attacks
- Review API key creation/deletion regularly