Web Console

Every action, fully traced

Built-in audit logs capture every identity event across your estate — logins, permission changes, admin actions, and API calls — so you can investigate incidents and pass compliance reviews with confidence.

Explore audit logs Read the docs

Capabilities

Complete visibility into every identity event

From login attempts to permission changes, audit logs give you the full picture for security investigations and compliance.

Full-text Search

Search across all audit events by actor, action, resource, IP address, or timestamp. Find exactly what happened in seconds.

Compliance Ready

Meet SOC 2, GDPR, ISO 27001, and HIPAA requirements with immutable, tamper-evident logs that auditors trust.

Structured Event Data

Every event includes who, what, when, where, and why — with structured metadata for programmatic analysis and reporting.

Real-time Alerts

Set up alerts for suspicious activity: failed login spikes, privilege escalations, or unusual API access patterns.

Long-term Retention

Retain audit logs for as long as your compliance framework requires. Export to your own storage or SIEM at any time.

Advanced Filtering

Filter events by environment, tenant, application, user, action type, or time range. Build saved views for recurring investigations.

Developer experience

Query, export, and alert on audit data

Access the full audit trail programmatically. Search events, set up real-time alerts, and export logs to your compliance infrastructure.

Filter events by actor, action, resource, or time range
Export to S3, GCS, or any webhook destination
Threshold-based alerts with Slack and email notifications
Immutable, append-only log with tamper detection

import { Authdog } from "@authdog/sdk";

const authdog = new Authdog({ apiKey: process.env.AUTHDOG_API_KEY });

// Query audit events with filters
const { events, total } = await authdog.auditLogs.list({
  action:   "user.login",
  actorId:  "user_01H8...",
  dateFrom: "2025-01-01T00:00:00Z",
  dateTo:   "2025-01-31T23:59:59Z",
  limit:    50,
});

// Each event includes actor, action, target, metadata
// total contains the full count for pagination

import { Authdog } from "@authdog/sdk";

const authdog = new Authdog({ apiKey: process.env.AUTHDOG_API_KEY });

// Export audit logs for a date range
const exportJob = await authdog.auditLogs.export({
  dateFrom: "2025-01-01T00:00:00Z",
  dateTo:   "2025-03-31T23:59:59Z",
  format:   "csv",
  destination: {
    type:   "s3",
    bucket: "my-compliance-bucket",
    prefix: "audit-logs/q1-2025",
  },
});

// exportJob.id tracks the async export progress

import { Authdog } from "@authdog/sdk";

const authdog = new Authdog({ apiKey: process.env.AUTHDOG_API_KEY });

// Create an alert for suspicious login patterns
const alert = await authdog.auditLogs.alerts.create({
  name:      "Failed login spike",
  condition: {
    action:    "user.login_failed",
    threshold: 10,
    window:    "5m",
  },
  notify: {
    channels: ["slack", "email"],
    target:   "#security-alerts",
  },
});

// alert.id can be used to update or disable later

Why built-in audit logs matter

Bolting audit logging onto your app after the fact is fragile and incomplete. A purpose-built audit trail captures every identity event from day one.

60%

Faster incident response with centralized logs

Scattered logs across services slow investigations to a crawl. A single audit trail with full-text search cuts mean time to resolution dramatically.

Less time spent on audit preparation

Manually assembling evidence for SOC 2 or ISO audits is expensive and error-prone. Built-in, immutable logs with export capabilities simplify every review.

45%

Of breaches involve insider or privileged access

Without visibility into admin actions and permission changes, insider threats go undetected. Comprehensive audit logs surface anomalies before they escalate.

Full visibility, built in.

Open the Authdog Console to explore audit logs, set up alerts, and export compliance-ready reports.

Get Started