Enable Audit Logs Tutorial

This article explains how you can use Audit Logs in your app using Tesseral.

If you haven’t already, follow the Quickstart Guide to set up your Tesseral Project.

Enabling Audit Logs for your Project

Enable Audit Logs for a Project

Go to your Project’s Vault Customization Settings. In the “Behavior Settings” section, enable the Audit Logs feature. Click Save changes.

Once enabled, all significant actions taken by users in your application will be logged and can be accessed through the Audit Logs interface.

Advanced Usage

Publishing custom Audit Log events

Tesseral’s managed audit log events automatically collect many security-related events on your behalf. You can augment these events with additional events that are specific to your product.

To publish a custom audit log event, you’ll use the Tesseral Backend API’s CreateAuditLogEvent endpoint (API Reference).

Express.js

Flask

FastAPI

Django

Go

Axum

Next.js

These instructions assume you’ve already set up Tesseral for Express.js.

First, construct a Tesseral Backend API client:

1 import { TesseralClient } from "@tesseral/tesseral-node";
2 
3 const tesseralClient = new TesseralClient();

Then, anywhere in your code where you need to create an audit log event, call auditLogEvents.createAuditLogEvent():

1 import { credentials } from "@tesseral/tesseral-express";
2 
3 app.post("/approve-expense-report", (req, res) => {
4   // ...
5 
6   tesseralClient.auditLogEvents.createAuditLogEvent({
7     credentials: credentials(req),
8     eventName: "acme.expense_reports.approve",
9     eventDetails: {
10       "expenseReportId": "expense_report_123",
11     }
12   })
13 })

When you pass along the current credentials(), Tesseral will automatically know which User or (if enabled) API Key performed the action you’re audit logging.