Skip to content

5.6 — Implement audit logging #65

Open
Open
5.6 — Implement audit logging#65
Labels
phase:5-hardeningPhase 5: Production Hardeningsize:MMedium task (3-5 days)squadSquad triage inbox — Lead will assign to a membersquad:zoeAssigned to Zoe (Tester)
@davidortinau

Description

@davidortinau
davidortinau
opened on Mar 13, 2026

Description

Add audit logging for security-sensitive operations: sign-in/sign-out events, authorization failures, data modifications. Logs include user ID, tenant, action, timestamp, IP address, and route to Application Insights for compliance and investigation.

Dependencies

Acceptance Criteria

  • Audit logging middleware added to API
  • Logged events: user sign-in, sign-out, authorization failure, data create/update/delete
  • Log format: structured JSON with user_id, tenant_id, action, timestamp, ip_address, resource
  • Logs exported to Application Insights via OpenTelemetry
  • Retention: 90 days hot (queryable), 1 year cold storage
  • Dashboards for audit queries (recent auth failures, modifications by user, etc.)
  • Tested: audit logs flowing to Application Insights

Technical Notes

  • Middleware: intercept requests, log security events
  • Structured logging: include all relevant context for investigation
  • Consider data sensitivity: don't log passwords or sensitive data
  • Use Application Insights queries to analyze audit trail
  • Compliance: helps with security incident investigation

Phase: 5 | Size: M | Owner: Zoe (Lead)

Metadata

Metadata

Assignees

No one assigned

    Labels

    phase:5-hardeningPhase 5: Production Hardeningsize:MMedium task (3-5 days)squadSquad triage inbox — Lead will assign to a membersquad:zoeAssigned to Zoe (Tester)

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions