ash/audittrail
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Drop-in audit logging API for B2B SaaS companies. Compliance-ready (SOC 2, HIPAA, GDPR).
5 commits 1 branch 0 tags 97 KiB
  • Go 80.8%
  • templ 19.2%
Find a file
Exact
Ash 1c22833c0a
Some checks failed
CI / lint (push) Failing after 36s
Details
CI / test (push) Failing after 1m10s
Details
refactor: use eskit event sourcing + forge-auth 
- Replace custom store with eskit Decider + CommandHandler + SQLite store
- Add projection/QueryStore for read model (query, stats, export)
- Replace custom auth with forge-auth RequireAPIKey middleware
- Add Given/When/Then decider tests
- Wire up eskit Profiler with middleware
- Module path: git.nullsoft.is/ash/audittrail
2026-02-19 16:10:29 +00:00
.forgejo/workflows Add CI workflow: tests, lint 2026-02-19 12:52:15 +00:00
cmd/server refactor: use eskit event sourcing + forge-auth 2026-02-19 16:10:29 +00:00
internal refactor: use eskit event sourcing + forge-auth 2026-02-19 16:10:29 +00:00
.gitignore Add cmd/server/main.go, fix gitignore 2026-02-19 11:05:41 +00:00
go.mod refactor: use eskit event sourcing + forge-auth 2026-02-19 16:10:29 +00:00
go.sum refactor: use eskit event sourcing + forge-auth 2026-02-19 16:10:29 +00:00
README.md Initial commit: AuditTrail MVP 2026-02-19 11:05:21 +00:00

README.md

AuditTrail

Drop-in audit logging API for B2B SaaS companies. Be compliant with SOC 2, HIPAA, and GDPR in minutes.

Features

  • REST API — Ingest and query audit events with simple HTTP calls
  • Immutable Logs — Append-only; events cannot be modified or deleted via API
  • Multi-Tenant — Events scoped to organizations and projects
  • API Key Auth — Secure Bearer token authentication
  • Search & Filter — By actor, action, target, date range with cursor pagination
  • Export — CSV and JSON export
  • Retention Policies — Auto-delete events based on plan limits
  • Real-Time Dashboard — Datastar-powered live event stream with dark mode
  • Single Binary — Go + SQLite, deploy anywhere

Quick Start

# Build
go build -o audittrail ./cmd/server

# Run with demo data
./audittrail -demo

# The server prints your demo API key, org ID, and project ID

API

Ingest Events

curl -X POST http://localhost:8090/v1/events \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "project_id": "PROJECT_ID",
    "actor": "user_123",
    "action": "document.updated",
    "target": "doc_456",
    "metadata": {"ip": "192.168.1.1"}
  }'

Query Events

curl "http://localhost:8090/v1/events?actor=user_123&limit=20" \
  -H "Authorization: Bearer YOUR_API_KEY"

Export

curl "http://localhost:8090/v1/events/export?format=csv" \
  -H "Authorization: Bearer YOUR_API_KEY"

Pricing

Plan Price Events/mo Retention Projects
Free $0 1,000 7 days 1
Pro $19/mo 100,000 90 days 5
Business $49/mo 1,000,000 1 year Unlimited

Tech Stack

  • Go — Fast, single binary
  • SQLite (modernc.org/sqlite) — Zero-config, embedded
  • Datastar — Real-time dashboard with SSE
  • Tailwind CSS — Dark mode UI

License

MIT