Hardenize has joined Red Sift! Find out more in our blog post.


Welcome to the Hardenize blog. This is where we will document our journey as we make the Internet a more secure place and have some fun and excitement along the way.

3 Apr

New Feature: Audit Log

by Ivan Ristić

In our release today, we added support for audit logging, a key feature for anyone who wants to have a good insight into the key events taking place in their account. An audit log is a stream of records that are emitted as various activities take place. These records are immutable and serve as a reliable record of events. Most organisations will care about the events that are related to user authentication and authorization, and those that change the state of their accounts.

We are releasing audit log functionality today in preview and inviting interested customers to reach out to discuss our initial implementation. We would like to know if we’re providing all the data they need, as well as discuss the usage patterns. How would you like to retrieve this information?

The initial set of supported events includes anything related to access control, covering activities of individuals as well as access to organisations. Our current data model includes the following fields:

  • Unique event identifier
  • Timestamp
  • Actor type (anonymous, user, or system)
  • Actor identifier
  • Actor name
  • Remote IP address
  • Session identifier
  • User agent information (only when relevant)
  • Resource type
  • Resource identifier
  • Action identifier
  • Status (indicator of success mapped to an HTTP status code)
  • Additional free-form information specific to each action (JSON)