Documentation for AuditLedge — production-grade audit logs for SaaS
An audit log is an immutable, chronological record of “who did what, and when” inside your application.
Business customers ask for audit logs constantly:
It is both a trust feature and a compliance requirement. SOC 2, HIPAA, and GDPR all mandate some form of audit trail, and enterprise buyers will block a deal until it exists.
| Field | Example | Purpose |
|---|---|---|
| Actor | Alice (user_123) |
Who did it |
| Action | invoice.deleted |
What happened |
| Resource | Invoice #1042 (inv_456) |
What was affected |
| Timestamp | 2026-05-13T10:23:00Z |
When it happened |
| Organization | org_789 |
Which tenant (for multi-tenant SaaS) |
| Metadata | { "ip": "203.0.113.42" } |
Additional context |
Storing rows in a Postgres table is easy. Making it production-grade is not:
Developers who have built audit logs report spending days to a month on the initial build, then continuing to patch it afterwards.
You send one POST request per event. Auditledge handles storage, querying, retention, and the dashboard your team uses to investigate activity. No infrastructure to manage, no schema to maintain.
curl -X POST https://api.auditledge.com/v1/events \
-H "Authorization: Bearer al_your_key_here" \
-H "Content-Type: application/json" \
-d '{
"actor": { "id": "user_123", "name": "Alice" },
"action": "invoice.deleted",
"resource": { "type": "invoice", "id": "inv_456" },
"organization_id": "org_789"
}'