Drop-in audit logging API for B2B SaaS companies. Compliance-ready (SOC 2, HIPAA, GDPR).
- Go 80.8%
- templ 19.2%
- Replace custom store with eskit Decider + CommandHandler + SQLite store - Add projection/QueryStore for read model (query, stats, export) - Replace custom auth with forge-auth RequireAPIKey middleware - Add Given/When/Then decider tests - Wire up eskit Profiler with middleware - Module path: git.nullsoft.is/ash/audittrail |
||
|---|---|---|
| .forgejo/workflows | ||
| cmd/server | ||
| internal | ||
| .gitignore | ||
| go.mod | ||
| go.sum | ||
| README.md | ||
AuditTrail
Drop-in audit logging API for B2B SaaS companies. Be compliant with SOC 2, HIPAA, and GDPR in minutes.
Features
- REST API — Ingest and query audit events with simple HTTP calls
- Immutable Logs — Append-only; events cannot be modified or deleted via API
- Multi-Tenant — Events scoped to organizations and projects
- API Key Auth — Secure Bearer token authentication
- Search & Filter — By actor, action, target, date range with cursor pagination
- Export — CSV and JSON export
- Retention Policies — Auto-delete events based on plan limits
- Real-Time Dashboard — Datastar-powered live event stream with dark mode
- Single Binary — Go + SQLite, deploy anywhere
Quick Start
# Build
go build -o audittrail ./cmd/server
# Run with demo data
./audittrail -demo
# The server prints your demo API key, org ID, and project ID
API
Ingest Events
curl -X POST http://localhost:8090/v1/events \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"project_id": "PROJECT_ID",
"actor": "user_123",
"action": "document.updated",
"target": "doc_456",
"metadata": {"ip": "192.168.1.1"}
}'
Query Events
curl "http://localhost:8090/v1/events?actor=user_123&limit=20" \
-H "Authorization: Bearer YOUR_API_KEY"
Export
curl "http://localhost:8090/v1/events/export?format=csv" \
-H "Authorization: Bearer YOUR_API_KEY"
Pricing
| Plan | Price | Events/mo | Retention | Projects |
|---|---|---|---|---|
| Free | $0 | 1,000 | 7 days | 1 |
| Pro | $19/mo | 100,000 | 90 days | 5 |
| Business | $49/mo | 1,000,000 | 1 year | Unlimited |
Tech Stack
- Go — Fast, single binary
- SQLite (modernc.org/sqlite) — Zero-config, embedded
- Datastar — Real-time dashboard with SSE
- Tailwind CSS — Dark mode UI
License
MIT