Reasons and Best Practices for Using Audit Logs in Your Application

Ensuring security, compliance, and transparency are crucial for any Strapi application. The best way to achieve this is by implementing Audit Logs, a tracking and monitoring system that provides a record of actions performed within your Strapi application, including data changes, user activity, and system configurations.

In this article, we explain the reasons why Audit Logs are essential for your Strapi application and share best practices to follow when implementing them.

Understand the Importance of Audit Logs: What are they?

Audit Logs is a new feature released in Strapi Enterprise v4.6. It is a system for tracking and recording actions, changes, and events in your application. You can track changes to data (content type, entry, media), user activity (login, logout), and system configuration (user roles and permissions). You can also see when the action was made, which user did it (name and ID), and the payload attached to the log. You can also filter the logs by action, date or user, and share a link to each particular log with your team members. Self-hosted Enterprise Edition customers can choose the duration of a period during which the audit trails will be stored (90 days by default). The activity trails will be stored for seven days in the Strapi Cloud Team plan.

There are many reasons you should implement audit logs, among them:

Security

Get a detailed record of activities and changes made within your application. Detect and prevent security incidents and unauthorized access to sensitive information.

If an unauthorized user tries to access sensitive information or make unauthorized changes, with this feature, you can record their actions and quickly detect and respond to potential security incidents. In the event of a security breach, you can track the actions of the attacker and determine what sensitive information may have been compromised to investigate the incident and identify the source of the problem, enabling you to improve the security of your application and prevent future incidents.

Cyberattackers are evolving rapidly, which is reflected in the 64% of companies worldwide that experienced at least one cyber attack in 2022, the importance of having robust security measures in place cannot be overstated.

Events Tracing

Human mistakes are unavoidable, so it’s important to have a way to track them when they take place and cause problems. Audit logs provide a record of the activities that could have led to an issue. This will ease the process of diagnosing and fixing issues when they arise.

The logs within your Strapi application and other sources of information that show error messages, performance metrics, or application configuration settings can help you better understand an issue and identify the root cause of the problem.

For instance, with this feature, you can trace errors when users encounter difficulties logging into your application due to an authentication configuration setting issue. Or you can analyze the logs to identify any errors related to an authorized user’s inability to make changes to a collection-type, such as updating blog content.

You can easily share a particular log with the team and also filter logs by date, user, or action to find the necessary log. This feature allows you to be cautious, proactively address problems as soon as they occur, and save time in solving problems when they arise.

When Companies Need this Feature?

This is an important feature that would most likely help any business or organization that needs to meet compliance or keep a record of the activities performed within the application. Certain industries may find it especially useful to meet specific requirements:

1.Financial Services: Banks, insurance companies, and investment firms must comply with regulatory requirements such as PCI DSS regarding the security of sensitive financial information and payments.

2.Healthcare: Hospitals and healthcare organizations have to comply with strict regulations related to patient data privacy and monitor access to sensitive data. More specifically, audit logs are an important part of HIPAA compliance which in some cases requires Healthcare organizations to retain logs for up to six years.

3.Government: Federal, state, and local governments should secure sensitive information and comply with regulations related to protecting government data. Audit logs is a specific requirement of The Federal Risk and Authorization Management Program (FedRamp).

4.Technology: Software and tech companies can monitor access to sensitive information or identify the root problem of any issue developing within the application. Audit logs are one of AICPA Trust Services Criteria to achieve SOC 2 compliance.

5.Retail: Retail businesses can monitor and track transactions and make sure to secure customers' sensitive information.

6.Manufacturing: Manufacturing companies can track changes made to production processes and ensure to secure sensitive information related to production or supply chains.

Regarding who should be responsible for managing the logs in your application, it is typically beneficial for IT administrators and security teams, compliance and regulatory organizations, or DevOps teams. By default, only Strapi Super Administrators have access to the audit logs feature.

How Do Audit Logs Work?

Audit logs is a feature now available to Enterprise Edition users and the Strapi Cloud Team plan. You can find the logs of all activity within your environment available in Settings in the Admin Panel.

You can see a list of all the events with relevant information displayed on the right side of each event in the past seven days. The information displayed includes the date of the action, the user who performed it, and a details icon that opens a modal displaying additional information, such as the user’s IP address, the request body, etc.

Watch this video to see Audit logs in action and follow the documentation for a step-by-step guide.

You can try this feature out by signing up for a free Strapi demo.