Knogin
[Domaines API]

Audit Trail Domain

The Audit Trail domain provides comprehensive event logging, tracking, and compliance reporting capabilities.

Metadonnees du module

The Audit Trail domain provides comprehensive event logging, tracking, and compliance reporting capabilities.

Retour à la Liste

Reference source

content/modules/domain-audit-trail.md

Dernière Mise à Jour

5 févr. 2026

Catégorie

Domaines API

Checksum du contenu

8e981ec8a2cee995

Étiquettes

api-domainsreal-timecompliance

Documentation rendue

Cette page rend le Markdown et Mermaid du module directement depuis la source publique de documentation.

Overview#

The Audit Trail domain provides comprehensive event logging, tracking, and compliance reporting capabilities. It captures all user actions, system events, and API operations with before/after state tracking, supporting regulatory requirements including GDPR, SOC 2, HIPAA, and financial sector compliance mandates. The system ensures complete multi-tenant isolation with immutable, write-once event records.

Key Features#

  • Automatic Event Capture -- Logs all user actions, system events, and API operations with before/after state snapshots for complete change tracking
  • Multi-Tenant Isolation -- Complete tenant-level data segregation ensures organizations can only access their own audit data
  • Advanced Filtering and Search -- Powerful search capabilities with saved filter configurations for common audit queries such as security events, permission changes, and failed login attempts
  • Multi-Format Export -- Export audit trails in CSV, JSON, and PDF formats with background processing for large datasets and signed download URLs
  • Statistical Analytics -- Real-time aggregation and trending analysis for dashboard display, including event breakdowns by type and actor
  • Correlation Tracking -- Links related events across distributed operations using correlation identifiers for end-to-end tracing
  • Sensitive Data Flagging -- Marks events containing personally identifiable information for enhanced access control and retention policy management
  • Immutable Records -- Write-once design ensures audit events cannot be modified or deleted, maintaining evidentiary integrity
  • Saved Filter Configurations -- Compliance teams and auditors can save and reuse filter configurations for recurring audit queries
  • Hierarchical Event Types -- Dot-notation event categorization enables flexible querying at any level of the event hierarchy

Use Cases#

  • Compliance officers generate audit reports for regulatory examinations by filtering events by type, severity, and date range, then exporting in the required format for submission.
  • Security teams monitor for suspicious activity by saving filters for failed login attempts, permission escalations, and breach detection events, with real-time statistical dashboards.
  • Investigators trace the complete history of actions taken on a specific case or piece of evidence by querying all events associated with an entity, including who accessed it and when.
  • Organizations meet GDPR data portability requirements by exporting a user's complete audit trail, and enforce right-to-erasure through configurable retention periods with automatic deletion.
  • System administrators use correlation tracking to trace a single user action across multiple services and understand its full impact.

Integration#

The Audit Trail domain is integrated throughout the platform, automatically capturing events from authentication, case management, investigations, alerts, and administrative operations. It connects with the compliance framework for regulatory reporting and the access control system for permission-based audit data access.

Last Reviewed: 2026-02-05