Open sourceTamper-evidentEnterprise-ready

Ship audit logging in
5 minutes, not 5 sprints

Immutable, tenant-scoped audit trails that close enterprise deals. Stop spending weeks building custom logging infrastructure. Open-source SDK with optional managed cloud.

Get Started Free View on GitHub

app.ts

import { AuditKit } from '@auditkit/sdk';

const audit = new AuditKit({
  apiKey: process.env.AUDITKIT_API_KEY!,
});

await audit.log('document.updated', {
  actor: { id: 'user_123', name: 'Jane Doe' },
  target: { type: 'document', id: 'doc_456' },
  tenantId: 'org_acme',
});

Open Source

AGPLv3 licensed

Tamper-Evident

SHA-256 hash chaining

< 5 min setup

npm install to production

SOC 2 Ready

Compliance exports included

Building audit logs in-house costs more than you think

Every B2B SaaS team hits the same wall. Here's what you're signing up for when you build it yourself.

2-4 weeks

Engineering time

Schema design, hash chaining, tenant isolation, search indexing, export pipelines. That's before you write a single test.

Every quarter

Ongoing compliance maintenance

SOC 2 auditors come back every year. New formats, new requirements, new exports. The maintenance never stops.

Deals blocked

Enterprise deals stall at security review

"Do you have immutable audit trails?" If the answer is no, your deal sits in security review for weeks.

AuditKit handles all of this with a single SDK.

Interactive playground

See it in action

Edit the fields, hit Send Event, and watch the tamper-evident audit log build in real time.

audit.log()

Action

Actor Name

Target Type

Target ID

Tenant ID

Severity

await audit.log('document.updated', {
  actor: { id: 'user_123', name: 'Jane Doe' },
  target: { type: 'document', id: 'doc_456' },
  tenantId: 'org_acme',
});

Audit Log Viewer

0 events

No events yet

Edit the fields and click Send Event to see the audit log populate.

npm install @auditkit/sdk

Quick start

Production-ready in three steps

From zero to enterprise-grade audit trails in under 5 minutes.

Install the SDK

One package. Zero config. Works with Node, Python, Go, and Ruby.

$ npm install @auditkit/sdk

Log your first event

Five lines of code. Tamper-evident from the first event.

await audit.log('user.login', {
  actor: { id: 'usr_1' },
  tenantId: 'org_acme',
});

Your customers see their audit trail

Embed our pre-built viewer in your app. Tenant-scoped by default so each customer sees only their own events.

<AuditKitViewer
  tenantId="org_acme"
  token={jwt}
/>

Enterprise-grade

Built for the people who actually need audit logs

Auditors, customers, security teams, compliance officers. AuditKit is designed for all of them.

Your auditors need proof, not promises.

Every event is SHA-256 hash-chained to the previous one, creating a cryptographic chain of custody that proves no records have been altered. Merkle tree verification lets auditors validate the entire log mathematically.

SHA-256 hash chaining
Merkle tree proofs
Cryptographic verification API
Append-only storage

verification

const proof = await audit.verify('evt_789');

// => { 
//   valid: true,
//   hashChain: "unbroken",
//   merkleRoot: "a1b2c3..."
// }

embedded viewer
document.updated
Jane Doe2 min ago
member.invited
Mike Chen14 min ago
permission.changed
Sarah Kim1 hr ago
export.requested
Jane Doe3 hrs ago

Your customers need their own audit trail.

Tenant-scoped by default. Each customer sees only their own events. Embed the pre-built viewer directly in your app with a single React component or iframe.

Row-level tenant isolation
Embeddable React viewer
JWT-scoped access tokens
Full-text search per tenant

Your security team needs real-time alerts.

Webhooks fire on every event. SIEM streaming pushes to Splunk, Datadog, and S3 in real time. Built-in anomaly detection flags suspicious patterns before they become incidents.

HMAC-signed webhooks with retries
SIEM streaming (Splunk, Datadog, S3)
AI anomaly detection
Slack/Discord notifications

webhook payload

{
  "type": "anomaly.detected",
  "severity": "high",
  "reason": "Bulk export from new IP",
  "actor": "user_123",
  "tenant": "org_acme"
}

compliance export

const report = await audit.export({
  format: 'pdf',
  standard: 'ocsf',
  range: 'last-quarter',
  tenantId: 'org_acme',
});

// => SOC 2 evidence PDF ready

Your compliance officer needs exports.

One-click exports in CSV, JSON, and PDF. Industry-standard OCSF and CEF formats. Generate SOC 2 evidence packages that auditors actually accept.

CSV, JSON, PDF exports
OCSF + CEF standard formats
SOC 2 evidence packages
Scheduled compliance reports

How AuditKit compares

The only tool that's open source, managed, self-hostable, and cryptographically immutable.

Feature	AuditKit	WorkOS	Pangea	Retraced	Custom Build
Open source		—	—
Managed cloud				—	—
Tamper-proof (hash chain)		—		—	—
Merkle tree proofs		—		—	—
Tenant-scoped access					—
Embeddable viewer		—			—
SIEM streaming				—	—
Multi-language SDKs				—	—
Self-hostable		—	—
GraphQL API		—	—	—	—
AI anomaly detection		—	—	—	—
Setup time	5 min	1 day	2 hrs	1 week	2-4 weeks
Price (100K events)	$39/mo	$99+/mo	Contact	Free	Dev time

Simple, usage-based pricing

Start free. Scale as you grow.

Free

5K events/mo

30-day retention · 50K lifetime cap

SDK + hash chaining
Search + API
Basic dashboard
1 project
1 seat
Community support

Pro

$39/mo

100K events/mo

90-day retention

Everything in Free
Embedded viewer UI
CSV/JSON export
Webhooks + Slack/Discord
Anomaly detection
Unlimited tenants
3 projects · 5 seats

Business

$99/mo

500K events/mo

1-year retention

Everything in Pro
SIEM streaming included
OCSF/CEF formats
Compliance evidence export
Data residency (EU/US)
PII redaction
10 projects · 15 seats

Supersize + Milkshake

$349/mo

5M events/mo

7-year retention

Everything in Business
Merkle tree proofs
Legal hold
SSO/SCIM
GraphQL API
99.99% SLA
Unlimited projects, seats & tenants
Priority support + extra milkshakes

Trusted by builders

Teams ship faster with AuditKit

From secure document sharing to AI-powered operations, teams choose AuditKit to handle the compliance work they'd rather not build.

“We needed tamper-proof audit trails for every document view, download, and watermark event. AuditKit gave us enterprise-grade logging in an afternoon — would have taken us weeks to build the hash-chaining alone.”

Engineering Team

CloakShare

Open-source secure document & video sharing with dynamic watermarks

“Our enterprise customers asked for full audit visibility into every crawl, every report, every user action. AuditKit’s tenant-scoped logs and embeddable viewer meant we could ship that feature same-day instead of next quarter.”

Product Team

SiteCrawlIQ

AI-driven SEO & geographic website auditing platform

“When you’re handling SOPs and sensitive operational data, you need an immutable record of who accessed what and when. AuditKit’s SIEM streaming and compliance exports made our SOC 2 prep painless.”

Operations Team

DocOpsIQ

AI-powered SOP retrieval with cited sources

Stop spending sprints on audit logging

Your enterprise customers need audit trail access. Ship it today, not next quarter.

Get Started Free Star on GitHub

Ship audit logging in5 minutes, not 5 sprints