Compliance

Audit Logs

Complete audit trail of all account activity. Track every action for security monitoring, compliance audits, and forensic analysis.

90 days

Default retention

365 days

Enterprise retention

50+

Event types tracked

Real-time

SIEM integration

Audit Log Viewer

Filter by Category

Tracked Event Types

Authentication

logout

mfa.enabled

mfa.disabled

password.changed

API Keys

api_key.created

api_key.rotated

api_key.deleted

api_key.used

Team

member.invited

member.joined

member.removed

member.role_changed

Security

ip_blocked

rate_limit.exceeded

suspicious_activity

permission.denied

Data

export.requested

export.completed

data.deleted

gdpr.request

Billing

subscription.created

subscription.cancelled

payment.failed

invoice.paid

API Examples

Query Audit Logs

# Query audit logs
curl "https://api.justkalm.com/v2/audit-logs?\
action=api_key.*&\
actor=alice@company.com&\
created_at[gte]=2024-01-01&\
limit=50" \
  -H "Authorization: Bearer jk_live_xxx"

# Response
{
  "data": [
    {
      "id": "evt_001",
      "type": "audit.event",
      "created_at": "2024-01-15T14:32:01Z",
      "actor": {
        "type": "user",
        "id": "user_abc123",
        "email": "alice@company.com"
      },
      "action": "api_key.created",
      "resource": {
        "type": "api_key",
        "id": "key_M9l1pPsS"
      },
      "context": {
        "ip_address": "192.168.1.100",
        "user_agent": "Mozilla/5.0...",
        "location": "San Francisco, CA"
      }
    }
  ],
  "has_more": true
}

Filter Syntax

# Filter by action type (supports wildcards)
?action=api_key.created      # Exact match
?action=api_key.*            # All api_key actions
?action=*.deleted            # All delete actions

# Filter by actor
?actor=alice@company.com     # Specific user
?actor_type=user             # All user actions
?actor_type=system           # System events only

# Filter by resource
?resource_type=api_key       # All API key events
?resource_id=key_M9l1pPsS    # Specific resource

# Filter by result
?status=success              # Successful events only
?status=failure              # Failed events only

# Filter by time range
?created_at[gte]=2024-01-01
?created_at[lte]=2024-01-31

Export for Compliance

# Export audit logs for compliance
curl -X POST "https://api.justkalm.com/v2/audit-logs/export" \
  -H "Authorization: Bearer jk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{
    "format": "json",
    "date_from": "2024-01-01",
    "date_to": "2024-01-31",
    "include_context": true
  }'

# Response
{
  "export_id": "exp_audit_L8k0",
  "status": "processing",
  "estimated_records": 15420,
  "download_url": null
}

SIEM Webhook Integration

# Subscribe to real-time audit events
curl -X POST "https://api.justkalm.com/v2/webhooks" \
  -H "Authorization: Bearer jk_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-siem.com/ingest",
    "events": [
      "audit.api_key.*",
      "audit.login.failed",
      "audit.member.*",
      "audit.security.*"
    ]
  }'

SIEM Integrations

🔍

Splunk

🐕

Datadog

📊

Sumo Logic

☁️

AWS CloudWatch

🦌

Elastic SIEM

📜

Chronicle

🛡️

Microsoft Sentinel

🔗

Custom Webhook

Compliance Ready

SOC 2 Type II

Audit logging controls

GDPR

Data access tracking

HIPAA

PHI access audit trail

ISO 27001

Security event logging

Ready for Your Next Audit?

Access your full audit trail in the dashboard or via API.

View Audit Logs Compliance Docs