8.2.1 Security & Compliance — Compliance & Governance — Audit Logs — User and System Events

Audit Logs provide a tamper-resistant record of significant user and system actions. They support compliance verification, incident investigation, and operational accountability by ensuring that critical events are traceable and reviewable over time.

Event Coverage

Audit logs capture events that affect security, data integrity, or system configuration.

Captured events include:

Authentication and authorization actions

Administrative changes

Content lifecycle operations

Integration and API activity

Events are recorded consistently across modules.

Log Structure

Each audit record follows a structured schema to support querying and analysis.

Core attributes:

Event type

Actor identity

Timestamp

Target resource

Context metadata

Example audit entry:

AuditLog::record('content.published', [
    'actor_id' => auth()->id(),
    'content_id' => $content->id,
]);

Immutability and Integrity

Audit logs are immutable once written. Modification or deletion is not permitted through application interfaces.

Integrity guarantees:

Append-only storage

Protection against tampering

Consistent ordering
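
One way to obtain the three guarantees above is an HMAC hash chain, in which every record authenticates its predecessor. This is an added example, not the product's own code: the page does not say which mechanism is used, and the class ChainedAuditLog, its field names and the in-memory array standing in for append-only storage are all assumptions.

```php
<?php
// Hypothetical class illustrating an HMAC hash chain; not the product's AuditLog.
final class ChainedAuditLog
{
    private array $records = []; // in-memory stand-in for append-only storage
    public function __construct(private string $key) {}

    public function append(string $event, string $tenantId, array $context): array
    {
        $last = end($this->records);
        $record = [
            'seq'       => count($this->records) + 1, // gives a consistent ordering
            'tenant_id' => $tenantId,
            'event'     => $event,
            'context'   => $context,
            'timestamp' => gmdate('Y-m-d\TH:i:s\Z'),
            'prev_mac'  => $last === false ? str_repeat('0', 64) : $last['mac'],
        ];
        $record['mac'] = $this->mac($record);
        return $this->records[] = $record;
    }

    /** Returns the seq of the first record that fails verification, or null if the chain is intact. */
    public function verify(array $records): ?int
    {
        $prev = str_repeat('0', 64);
        foreach (array_values($records) as $i => $r) {
            $linked = $r['seq'] === $i + 1 && hash_equals($prev, $r['prev_mac']);
            if (!$linked || !hash_equals($this->mac($r), $r['mac'])) {
                return $i + 1;
            }
            $prev = $r['mac'];
        }
        return null;
    }

    private function mac(array $r): string
    {
        $fields = [$r['seq'], $r['tenant_id'], $r['event'], $r['context'], $r['timestamp'], $r['prev_mac']];
        return hash_hmac('sha256', json_encode($fields, JSON_THROW_ON_ERROR), $this->key);
    }
}

$log = new ChainedAuditLog('demo-key'); // constructed sample; a real key comes from a secret store
$stored = [$log->append('auth.login', 'tenant-a', ['actor_id' => 17])];
$stored[] = $log->append('content.published', 'tenant-a', ['actor_id' => 17, 'content_id' => 42]);
var_dump($log->verify($stored));
$stored[1]['context']['content_id'] = 99; // simulated out-of-band edit of a stored row
var_dump($log->verify($stored));
```

A chain alone does not reveal removal of the most recent records; detecting that requires the latest MAC or record count to be anchored outside the log store. The HMAC key must also be unavailable to anyone who can write to that store directly.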

Access and Visibility

Access to audit logs is restricted to authorized roles. Visibility is scoped by tenant and organization.

Access rules:

Role-based permissions

Read-only access

Scoped filtering

Retention and Archiving

Audit logs are retained according to compliance and governance policies. Older records may be archived rather than deleted.

Retention behavior:

Deterministic duration

Archived before purge

Policy-driven lifecycle

Search and Analysis

Audit logs support structured querying and filtering.

Search capabilities:

Time range filters

Event type filtering

Actor-based queries

These features enable efficient investigations.

Incident Support

Audit logs are a primary source for incident response.

Supported use cases:

Unauthorized access investigation

Configuration change review

Data access verification

Security and Isolation

Audit logs are tenant-scoped and isolated. No tenant can view another tenant’s audit data. Logs are protected by the same encryption and access controls as other sensitive data.