Audit Log Repository
Component Detail
Data Layer
medium complexity
Shared Component
backend
0
Dependencies
0
Dependents
5
Entities
0
Integrations
Description
Persists security-relevant events to a dedicated PostgreSQL audit_logs table with tamper-evident append-only semantics. Records authentication events, key rotations, encrypted message access, and permission changes for GDPR compliance and forensic auditability.
audit-log-repository
Responsibilities
- Write immutable audit log entries to the audit_logs Postgres table
- Enforce append-only access — no update or delete operations permitted
- Support structured querying by actor, resource type, event type, and time range
- Provide log export for compliance and incident investigations
Interfaces
logEvent(entry: AuditLogEntry): Future<void>
logAuthEvent(userId: String, event: AuthEventType, metadata: Map): Future<void>
logDataAccess(userId: String, resourceId: String, action: String): Future<void>
logKeyRotation(userId: String): Future<void>
queryLogs(filter: AuditLogFilter): Future<List<AuditLogEntry>>
exportLogs(organizationId: String, from: DateTime, to: DateTime): Future<List<AuditLogEntry>>
countEventsByType(eventType: String, since: DateTime): Future<int>
Related Data Entities (5)
Data entities managed by this component