toolz/goplt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a172364748eb7e13495646dc4a29e56f77bfe28
goplt/docs/adr/0020-audit-logging-storage.md
0x1d 6a17236474 docs: add implementation plan, ADRs, and task tracking system 
- Add comprehensive 8-phase implementation plan (docs/plan.md)
- Add 28 Architecture Decision Records (docs/adr/) covering all phases
- Add task tracking system with 283+ task files (docs/stories/)
- Add task generator script for automated task file creation
- Add reference playbooks and requirements documentation

This commit establishes the complete planning foundation for the Go
Platform implementation, documenting all architectural decisions and
providing detailed task breakdown for Phases 0-8.
2025-11-04 22:05:37 +01:00

1.9 KiB
Raw Blame History

ADR-0020: Audit Logging Storage

Status

Accepted

Context

The platform needs to audit all security-relevant actions:

  • User logins and authentication attempts
  • Permission changes
  • Data modifications
  • Administrative actions

Audit logs must be:

  • Immutable (append-only)
  • Queryable
  • Performant (don't slow down operations)
  • Compliant with audit requirements

Storage options considered:

  1. PostgreSQL table - Simple, queryable, transactional
  2. Elasticsearch - Excellent for searching, but additional dependency
  3. File-based logs - Simple but hard to query
  4. External audit service - Overkill for initial version

Decision

Store audit logs in PostgreSQL append-only table with JSON metadata:

  1. Table structure: audit_logs with columns:
    • id, actor_id, action, target_id, metadata (JSONB), timestamp
  2. Append-only: No UPDATE or DELETE operations
  3. JSON metadata: Flexible storage for additional context
  4. Indexing: Index on actor_id, action, timestamp for queries

Rationale:

  • Simple (no additional infrastructure)
  • Queryable via SQL
  • Transactional (consistent with other data)
  • JSONB provides flexibility for metadata
  • Can migrate to Elasticsearch later if needed
  • Good performance for typical audit volumes

Consequences

Positive

  • Simple implementation
  • Queryable via SQL
  • No additional infrastructure
  • Transactional consistency
  • Can archive old logs if needed

Negative

  • Adds load to primary database
  • May need archiving strategy for large volumes
  • Less powerful search than Elasticsearch

Implementation Notes

  • Create audit_logs table via Ent schema
  • Use JSONB for metadata column (PostgreSQL-specific)
  • Add indexes: (actor_id, timestamp), (action, timestamp)
  • Implement async logging (optional, via channel) for high throughput
  • Consider partitioning by date for large volumes
  • Add retention policy (e.g., archive after 1 year)