Introducing Audit Logs in Appsmith Business

Trisha Anand
Posted by Trisha AnandPublished on Jan 08, 2023
3 min read
Audit Logs are now available on Appsmith Business

Ideal conditions

You have “Eye Of The Tiger” playing in the background, “Carpe Diem” on your wall in the foreground, dark coffee in hand, game face on your, er, face starting at your friendly Appsmith log-in screen. You log in with confidence, your app loads up in a jiff, and you get to your day with a bias toward action.

Seize the day.

For non-ideal conditions—your speaker conked, your coffee ran, “Carpe Diem” was droopy, your Appsmith app showed an ugly “Resource not found” error—, you now have Audit Logs.

What Audit Logs are

An immutable history of user-generated events in your Appsmith instance—yes, instance—, Audit Logs help instance admins track changes to workspaces, apps, pages, datasource, queries, and JS Objects.

Parts of the Audit Logs screen that help quickly get to RCA

A much needed improvement to known workarounds, Audit Logs now offer a central interface to see activity filtered by users, resources, and time.

Audit logs, filtered • Appsmith

For all the context you need to decode an event, each log line offers you five key pieces of info as shown below.

{
  "event": "query.executed",
  "timestamp": "17/11/2022, 18:17:46",
  "resource": {
    "id": "63762d6654553a32c2397d63",
    "type": "Query",
    "name": "getCustomers",
    "executionStatus": "success",
    "responseTime": 404,
    "responseCode": ""
  },
  "page": {
    "id": "63762d6654553a32c2397d61",
    "name": "Page1"
  },
  "application": {
    "id": "63762d6654553a32c2397d5f",
    "name": "Customer Support Dashboard (1)",
    "visibility": "private",
    "mode": "edit"
  },
  "workspace": {
    "id": "63762d3554553a32c2397d3d",
    "name": "new-user-612ds459683's apps"
  },
  "user": {
    "id": "63762d3554553a32c2397d3b",
    "email": "new-user-612ds459683@tanvibhakta.in"
  },
  "metadata": {
    "appsmithVersion": "v1.8.8"
  },
  "id": "63762d7254553a32c2397d6d"
}

When Audit Logs help most

While just looking at log lines scroll up and out of view is a great reason, we built the feature for the top three use cases we heard from all of you.

Debugging

Debug easily with full context for each log line that you can filter by user and resource

Your group Inbox filling up with end-user complaints about your app not loading? Probably a bad query that was recently introduced or a change that broke a connection to the datasource, so hop over to Audit Logs, filter by query.executed or datasource.updated and correlate to end-user and app developer actions to quickly RCA the perp.

Blog image

Incident management

Quickly home in on incidents reported by end-users with time filters between the last known good state and the first report, roll back changes, and use Granular Access Controls to future proof your apps.

With filters for app-specific activity like app.deleted and the context you need per log line, you can now hold users accountable to breaking actions. Combined with Granular Access Controls, you can limit the scope of damage to approved users and groups for now and the future.

Security and compliance

Blog image

While Granular Access Controls go a long way in perimeter and inside-out security, your apps are only as secure as your monitoring of potentially dangerous events like instance_setting.updated. Set overwatch for those events, roll back changes, and inform downstream action with contexts for who, what, and when.

What’s next for Audit Logs

We don't have anything planned for broken speakers or droopy mottos on walls, but besides adding to the library of tracked events, we are rolling out updates to Audit Logs that will let you,

  • Export them out to compliance tools so you can get ready all-checks-passed reports on-demand

  • Configure retention periods in line with compliance policies for your industry and geography

  • Stream them to monitoring tools like DataDog or Splunk for real-time monitoring and alerts

Let us know which you would like us to prioritize and if there’s more we could add to our immediate roadmap. But first, try out Audit Logs on Appsmith Business and see non-ideal situations turn into, “Phew! Not so bad.”