Audit Logging
Transyt maintains a comprehensive audit log of all administrative actions, designed to support SOC 2 compliance requirements.
What Gets Logged
Section titled “What Gets Logged”Every Admin API request is logged with:
| Field | Description |
|---|---|
| Actor | Who performed the action (identified by token or IP) |
| Action | What was done (e.g., account.create, event.replay) |
| IP Address | Source IP of the request |
| Timestamp | When the action occurred |
| Details | Additional context about the action |
Logged Actions
Section titled “Logged Actions”Administrative actions that are logged include:
- Account management — Create, update, delete provider accounts
- Event operations — Replay, acknowledge, mark as failed
- Destination management — Create, update, delete destinations
- Delivery operations — Manual retry, bulk replay
- Audit log operations — Viewing and purging logs
- Backup operations — Triggering and listing backups
Querying Logs
Section titled “Querying Logs”# View recent audit logscurl https://ingest.transyt.com/admin/audit-logs \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN"
# Filter by action typecurl "https://ingest.transyt.com/admin/audit-logs?action=event.replay" \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN"
# Filter by IP addresscurl "https://ingest.transyt.com/admin/audit-logs?ip_address=203.0.113.1" \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN"
# Get audit log statisticscurl https://ingest.transyt.com/admin/audit-logs/stats \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN"Retention
Section titled “Retention”The default retention period is 90 days. You can purge older logs via the API with a minimum retention of 7 days:
curl -X DELETE "https://ingest.transyt.com/admin/audit-logs?older_than_days=90" \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN"See the Audit Logs API for full details.