Audit Trail

Available in HARP Proxy CE – Documentation

An audit trail (or audit log) is a crucial feature for any system that requires tracking and monitoring of activities. It provides a chronological record of events, changes, or actions that have occurred within a system. This is particularly important for debugging, compliance, and security purposes.

Overview

HARP Proxy's audit trail feature efficiently captures and stores both metadata (such as timestamps, tags, and completion status) and the full content of API transactions (including HTTP requests and responses). This core functionality allows system operators to quickly introspect live system events, eliminating the need for speculative hypotheses about the root causes of incidents by providing immediate access to the necessary data.

HARP Proxy captures and stores all data passing through it, including request and response payloads, headers, and metadata, temporarily ensuring access to recent transactions for analysis and troubleshooting. The data retention period and the amount of data to store are configurable both globally (at the service/proxy level), per endpoint, or per transaction.

Dashboard

By default, all data going through the proxy is available in the dashboard. This provides a centralized location where you can view and analyze the captured transactions. The dashboard offers various filtering and search capabilities, making it easy to find specific transactions or patterns.

Production Setups

For production setups, and depending on the rate of API calls, you can fine-tune the feature to store only a subset of the transactions. This is particularly useful for high-traffic environments where storing all transactions might be impractical. For example, you can choose to store all payment-related API calls but only a sample of 1% of API calls to some high-traffic endpoints.

Debugging, forensics & post-mortem analysis

When an issue occurs, having access to the full content of API transactions allows developers to quickly identify and resolve the problem. The audit trail provides a detailed record of what happened, making it easier to reproduce and fix bugs.

In the event of an incident, the audit trail can be invaluable for forensic analysis and post-mortem investigations. It allows teams to trace the actions leading up to the incident, understand the impact, and take appropriate measures to prevent future occurrences.

Compliance and regulations

Many industries have strict regulatory requirements for data handling and auditing. HARP Proxy's audit trail feature helps organizations comply with these regulations by providing a transparent and optionally immutable record of API transactions. This ensures that all actions are logged and can be reviewed for compliance purposes, making it easier to demonstrate adherence to legal and industry standards. The audit trail can also generate reports and provide evidence during audits, ensuring that all necessary information is readily available and verifiable. Depending on your needs, some or all stored data can be anonymized or pseudonymized to comply with GDPR and other data protection regulations.