Audit Logs
Audit logs are structured records that chronologically document events and activities within a system, application, or network. They capture and store details of actions performed by users, system components, or external entities, ensuring transparency, security, and regulatory compliance.
Audit logs do not contain all the events in the system yet, this is an ongoing effort and more events will be added in future updates.
Key Concepts
Audit logs in Chainloop revolve around two main concepts: Actor Type and Target Type.
Actor Type
The Actor Type represents the entity responsible for triggering an event.
- User – Events initiated by users within your organization.
- API Token – Events initiated by an API Token, such as updating a Workflow Contract.
- System – Events triggered by the system itself or the Chainloop Team. Currently, these events occur when modifications are made to built-in resources such as Policies, Requirements, or Frameworks. These changes are logged across all organizations for transparency.
Target Type
The Target Type represents the entity affected by an action performed by an Actor.
Audit Log Forwarders
This feature is only available for on-premise installations of Chainloop.
The Audit Log Forwarder allows platform operators to send event logs to external services. Currently, this is supported via a Webhook.
To configure an Audit Log Forwarder, the following configuration can be modified from the Platform’s Helm Chart values.yaml.
Example configuration:
Note that the request sent has the user-agent Chainloop-Audit-Logger/1.0 and the application/json content type.