Skip to main content
Version: 2.0.0

Audit Logs

Knowing who has done what in your application is critical for multiple reasons, including security, compliance, debugging and even just plain old monitoring. Audit Logs are a great way to track who did what, when they did it, why they had permissions and/or did not have permissions to do so!

They are a useful tool both for you and your team as the maintainers of your application, but also your end-users, who want to track their own usage and actions within the app.

Automatic Generation

As powers your application, you are getting automatic audit logs.

Enforcement points, along with resource and action definitions, and user/tenant configurations automatically come together to generate the full picture needed for an audit log entry.

While the Permit web interface provides a dedicated page for viewing your audit logs, you can also find them directly in your deployed PDP microservice (as they are written to its stdout/stderr, you can of course stream them directly into your logging platform) .

Types of Audit Logs

There are two types of audit logs:

  • Basic audit logs - these are the basic logs reflecting actions in regards to your policy rules.
  • Decision logs - more in-depth logs reflecting "why" the policy engine made a decision.

View Audit Logs

Navigate to the Audit Log page in the Permit dashboard.

Audit Log Screenshot

Above is an Audit Log example a user called sandy making a bunch of read actions on the folder resource.