All changes made within Tarsal's application, either via the browser or via API, are captured. The data captured includes the old and new values of the entire record. These objects are then stored as stringified JSON.
Prior to committing to the database, any secrets or passwords that these records may contain will be obfuscated via asterisks and are not retrievable.
Example Record
{
"id": "019276b3-0add-7fc1-8366-5639a3fbc053",
"createTime": "2024-10-10T13:51:38.205849Z",
"resource": {
"type": "USER",
"id": "9cba4c24-db9d-43f5-868d-2c8d240c38ab",
"changes": [
{
"name": "entity",
"description": "User [email protected] update_password from 123.22.78.213",
"oldValue": "JSON stringified object. null for CREATE operations",
"newValue": "JSON stringified object. null for DELETE operations"
}
]
},
"operation": {
"type": "UPDATE",
"id": "UPDATE-USER",
"time": "2024-10-10T13:51:38.162Z",
"status": "SUCCEEDED"
},
"actor": {
"type": "USER",
"id": "9cba4c24-db9d-43f5-868d-2c8d240c38ab",
"metadata": {
"company": "acmeco",
"email": "[email protected]",
"name": "Acme User"
}
}
}
Audit Log Operations and Resources
In General, the Operation ID operation.id
is a combination of the Operation Type operation.type
(CREATE, UPDATE, DELETE) and the Resource Type resource.type
(USER, SOURCE, DESTINATION, etc) and is mostly self explanatory as they are based on REST CRUD principles.
Example: UPDATE-SOURCE
The Operation ID UPDATE-SOURCE means that a Source configuration was Updated.
There are more complicated use cases around non standard objects which don't follow a strict CRUD pattern. Resources in this category include Login, Authentication, and User operations. These operations are described below:
Operation ID | Description |
---|---|
LOGIN-AUTHENTICATION | Login events via Username and Password |
LOGIN-SSO-AUTHENTICATION | Login events via Single Sign On |
LOGOUT-AUTHENTICATION | Logout events |
SESSION-RENEWAL-AUTHENTICATION | Session Re-Authenticated, e.g. a token renewal exchange with an IDP |
UPDATE-AUTHENTICATION | Session operations, includes refresh token exchange; grants revoked |
UPDATE-USER | User related updates, such as verify email, update password, configure OTP |