Integrate Secure Audit Log

Learn how to integrate a secure audit log into your application

Determine your audit use case

The Secure Audit Log Overview outlines several use cases for audit logs. Determining your audit use case will help you understand which audit fields to include in your use case. Additionally, the use case will likely dictate the retention policy for the audit logs. If your use case for Secure Audit Log aligns to a compliance case, make sure to research the retention requirements by the compliance framework.

Enable the Secure Audit Log service and configure a token

The Pangea Audit Service needs to be enabled before usage. Learn more about enabling the Secure Audit Log service configuration. The enablement process will ask you to create a token so that you can access the audit endpoints.

Configure the audit service

The audit service can be configured in the Pangea User Console under COMPLIANCE >> Secure Audit Log >> Settings.

Create a test event

The interactive Secure Audit Log API Reference allows users to test API endpoints from the documentation. This is an easy way to create test audit log events to see how audit logs work with different fields supplied.

Review your events

The log viewer can be found in the Pangea User Console under COMPLIANCE >> Secure Audit Log >> View Logs. This will allow you to easily search, view, and validate log events stored in the Secure Audit Log service. Use the Secure Audit Log API Reference to learn about how log events are returned via API.

Verify and validate the tamperproof status of your logs

The log viewer returns records and their tamperproof status. It's recommended that you click the lock icon and review the status of log records recorded to the service. Read about tamperproofing to ensure you understand how it works and how you can prove your logs are secure to auditors and customers. Use the SDK to validate the logs manually and gain an even deeper understanding of the feature.