Audit Log

experimental

Append-only audit trail. Pure event sink: records domain events from a signed queue or direct calls.

2 hooks 2 events 3 permissions

Audit Log is source-visible, contract-first code — your agent reads the whole interface before it composes, never a black box.

Every hook has typed I/O and required tests, and the composition is pinned in microservices.lock.json — what you inspect here is exactly what pnpm microservices check verifies and deploys.

Typed hooks

Extension points with typed input/output and required tests — customize behavior without forking the module.

  • redactAuditPayload
  • beforeAuditExport

Events emitted

A stable, documented event surface other modules can subscribe to.

  • audit.recorded
  • audit.exported

Permissions

Scoped capabilities the module declares; the gateway enforces them at the boundary.

  • audit.read
  • audit.export
  • audit.admin

Experimental listing. Generated from the canonical module manifest via `registry build`.