What is Audit Log?

Why Audit Logs Matter for B2B SaaS

Audit logs are a foundational requirement for any B2B SaaS application selling to enterprise customers. Without them, you cannot pass SOC 2 Type II audits, meet HIPAA requirements, or satisfy enterprise procurement security questionnaires.

What an Audit Log Entry Contains

A well-structured audit log entry typically includes:

• Actor — The user or service account that performed the action
• Action — What was done (e.g., user.login, document.delete, role.assign)
• Target — The resource that was affected (with its ID)
• Timestamp — When the action occurred (UTC, millisecond precision)
• Context — IP address, user agent, session ID, and other metadata
• Result — Whether the action succeeded or failed

Immutable vs. Mutable Audit Logs

Traditional logging solutions store logs in mutable databases where entries can be altered or deleted. Immutable audit logs use cryptographic techniques like SHA-256 hash chains to ensure that once an event is recorded, it cannot be modified without detection. This tamper-evidence is required by SOC 2 CC7.2 and HIPAA 164.312(b).

How Trailbase Implements Audit Logs

Trailbase provides immutable audit logs via a single SDK call. Each event is cryptographically linked in a SHA-256 hash chain, making the entire log tamper-evident. Events are searchable in real-time, exportable to S3, and verifiable with a single API call.