Add tamper-proof audit logging to your Laravel application with the AuditKit PHP SDK. Eloquent model observers, middleware, and event system integration.
Laravel is the most popular PHP framework for building modern web applications. The AuditKit Laravel package provides Eloquent model observers for automatic change tracking, HTTP middleware for request logging, and integration with Laravel's event system. The package follows Laravel conventions with a service provider, publishable configuration, and Artisan commands.
Add AuditKit via Composer.
composer require auditkit/laravel
php artisan vendor:publish --provider="AuditKit\Laravel\AuditKitServiceProvider"Add your API key to .env.
# .env
AUDITKIT_API_KEY=your_api_key_here
# config/auditkit.php is auto-published
# Configure tenant resolution, async mode, etc.Use the trait for automatic Eloquent change tracking.
use AuditKit\Laravel\Traits\Auditable;
class Document extends Model
{
use Auditable;
protected $auditFields = ['title', 'status', 'classification'];
protected $auditEvents = ['created', 'updated', 'deleted'];
}Use the AuditKit facade for custom events.
use AuditKit\Laravel\Facades\AuditKit;
class DocumentController extends Controller
{
public function approve(Document $document)
{
$document->update(['status' => 'approved']);
AuditKit::log([
'action' => 'document.approved',
'actor' => ['id' => auth()->id(), 'email' => auth()->user()->email],
'target' => ['type' => 'document', 'id' => $document->id],
'metadata' => ['title' => $document->title],
]);
}
}Here is a complete example showing AuditKit integrated into a Laravel application with authentication logging, data access tracking, and explicit event capture.
// config/auditkit.php
return [
'api_key' => env('AUDITKIT_API_KEY'),
'tenant_resolver' => fn ($request) => $request->user()?->organization_id,
'async' => true, // Use Laravel queues for delivery
'queue' => 'audit',
];
// app/Models/Invoice.php
use AuditKit\Laravel\Traits\Auditable;
class Invoice extends Model
{
use Auditable;
protected $auditFields = ['amount', 'status', 'due_date'];
public function customer()
{
return $this->belongsTo(Customer::class);
}
}
// app/Http/Controllers/InvoiceController.php
use AuditKit\Laravel\Facades\AuditKit;
class InvoiceController extends Controller
{
public function refund(Invoice $invoice)
{
$previousStatus = $invoice->status;
$invoice->update(['status' => 'refunded']);
AuditKit::log([
'action' => 'invoice.refunded',
'actor' => [
'id' => (string) auth()->id(),
'email' => auth()->user()->email,
],
'target' => ['type' => 'invoice', 'id' => (string) $invoice->id],
'metadata' => [
'invoice_number' => $invoice->number,
'amount' => $invoice->amount,
'previous_status' => $previousStatus,
],
]);
return response()->json($invoice);
}
}Auditable trait for Eloquent model change tracking
HTTP middleware for automatic request logging
Laravel event/listener integration
Queue-based async event delivery
Laravel Sanctum/Passport auth event capture
Nova admin action logging
Install auditkit/laravel via Composer, publish the config, and add your API key. Use the Auditable trait on Eloquent models for automatic change tracking, or use the AuditKit facade for explicit event logging.
Yes. Set async to true in config/auditkit.php and AuditKit will dispatch events to your configured queue. This keeps your request handling fast while ensuring reliable delivery through Laravel's queue system.
Get started with tamper-proof audit trails in minutes. Open source, from $99/mo.