Audit logs are structured records that chronologically document events and activities within a system, application, or network. They capture and store details of actions performed by users, system components, or external entities, ensuring transparency, security, and regulatory compliance.
Audit logs do not contain all the events in the system yet, this is an ongoing effort and more events will be added in future updates.
The Actor Type represents the entity responsible for triggering an event.
User – Events initiated by users within your organization.
API Token – Events initiated by an API Token, such as updating a Workflow Contract.
System – Events triggered by the system itself or the Chainloop Team. Currently, these events occur when modifications are made to built-in resources such as Policies, Requirements, or Frameworks. These changes are logged across all organizations for transparency.
This feature is only available for on-premise installations of Chainloop.
The Audit Log Forwarder allows platform operators to send event logs to external services. Currently, this is supported via a Webhook.To configure an Audit Log Forwarder, the following configuration can be modified from the Platform’s Helm Chart values.yaml.
Copy
backend: ## @param backend.auditLogForwarders Audit log forwarders configuration. Configure forwarders ## to send audit logs to external services ## @extra backend.auditLogForwarders[].kind The kind of forwarder, currently only webhook is supported ## @extra backend.auditLogForwarders[].uri The URL of the webhook ## @extra backend.auditLogForwarders[].token The bearer token to authenticate with the webhook ## @extra backend.auditLogForwarders[].method The HTTP method to use when sending the audit logs auditLogForwarders: []