Audit Trail System Overview

The audit trail system provides comprehensive tracking of all administrative actions, security events, and critical business operations for compliance, troubleshooting, and security monitoring.

Key Concepts

Audit Events: Immutable records of actions performed by users or automated systems.

Event Categories:

• Security: Login, logout, 2FA, role changes, permission denials
• Business: User registrations, memberships, listing approvals
• Files: Upload lifecycle, processing, deletions
• Jobs: Queue processing (start, complete, fail, retry)
• Integrations: External API calls (payments, email)
• Performance: Slow queries (>100ms), slow requests (>1s)
• Scheduler: Scheduled task execution and cleanup

System Architecture

Technology: Winston (structured JSON logging) + PostgreSQL (audit table)

Storage Locations:

• Development: Console + optional file (`WATCH_LOGS=true`)
• Production: `/var/log/sampo/*.log` → Loki → Grafana (http://localhost:3004)

Retention Policy:

• Database: 90 days (regulatory compliance)
• Log files: 30 days (disk space management)
• Grafana: 180 days (long-term analysis)