Audit Logs
Audit logs provide a comprehensive record of all actions and events in your Cubewire organization. They enable compliance reporting, security monitoring, and operational troubleshooting.
What are Audit Logs?
Audit logs capture:
- Transaction Events — Every stage of transaction processing
- User Actions — Login, configuration changes, approvals
- System Events — Automated processes, background jobs
- Security Events — Authentication, authorization, policy violations
Audit Log Properties
| Field | Type | Description |
|---|---|---|
id | UUID | Unique audit log identifier |
timestamp | datetime | When the event occurred (ISO 8601, UTC) |
service | string | Originating service (e.g., cw-transaction-orch) |
event | string | Event type identifier (e.g., TRANSACTION_CREATED) |
message | string | Human-readable description of the event |
workflowId | string | Associated workflow ID (for transaction events) |
entityType | string | Type of entity (Transaction, User, Vault) |
entityId | string | ID of the related entity |
userId | string | User who performed the action (null for system events) |
clientInfo | object | Client metadata (IP address, user agent) |
details | object | Event-specific metadata and context |
transactionId | UUID | Related transaction ID (for transaction events) |
Event Types
Transaction Events
| Event | Description |
|---|---|
TRANSACTION_RECEIVED | Transaction request received by the system |
TRANSACTION_CREATED | Transaction workflow initiated |
TRANSACTION_VALIDATED | Transaction passed validation checks |
TRANSACTION_SIGNED | Transaction signed by vault |
TRANSACTION_SUBMITTED | Transaction broadcast to blockchain |
TRANSACTION_CONFIRMED | Transaction confirmed on-chain |
TRANSACTION_FAILED | Transaction failed (with error details) |
TRANSACTION_DENIED | Transaction blocked by policy |
TRANSACTION_CANCELLED | Transaction cancelled by user |
TRANSACTION_REPLACED | Transaction replaced (speed-up or cancel) |
Approval Events
| Event | Description |
|---|---|
APPROVAL_REQUIRED | Transaction requires approval |
APPROVAL_GRANTED | Approval threshold met |
APPROVAL_REJECTED | Approver rejected the transaction |
APPROVAL_TIMEOUT | Approval request expired |
Policy Events
| Event | Description |
|---|---|
POLICY_EVALUATION_STARTED | Policy evaluation began |
POLICY_EVALUATION_COMPLETED | Policy evaluation finished |
Compliance Events
| Event | Description |
|---|---|
SCREENING_COMPLETED | AML/sanctions screening completed |
Inbound Transaction Events
| Event | Description |
|---|---|
INBOUND_TRANSACTION_DETECTED | External transfer detected |
INBOUND_TRANSACTION_CONFIRMED | External transfer confirmed on-chain |
User & System Events
| Event | Description |
|---|---|
USER_ACTION | User performed an action |
SYSTEM_EVENT | System-initiated event |
Event Flow
Filtering & Querying
Filter Parameters
| Parameter | Type | Description |
|---|---|---|
event | string | Filter by event type (e.g., TRANSACTION_CREATED) |
entityType | string | Filter by entity type (e.g., Transaction, User) |
entityId | string | Filter by specific entity ID |
userId | string | Filter by user who performed the action |
workflowId | string | Filter by workflow ID |
startDate | string | Start of date range (ISO 8601) |
endDate | string | End of date range (ISO 8601) |
Pagination
| Parameter | Type | Default | Description |
|---|---|---|---|
page | number | 1 | Page number |
limit | number | 50 | Items per page (max 100) |
Compliance Reporting
Generate compliance reports for regulatory requirements:
- Date Range — Specify reporting period
- Event Categories — Filter by transaction, user, or security events
- Export Formats — JSON for programmatic access
Report Contents
| Section | Description |
|---|---|
| Summary | Total events, breakdown by type |
| Transaction Events | All transaction-related audit entries |
| User Activity | User actions during the period |
| Security Events | Authentication and authorization events |
User Activity Timeline
Track individual user activity across the platform:
- Login/logout events
- Transaction initiations
- Approval votes
- Configuration changes
Common Use Cases
Security Monitoring
Monitor for suspicious activity:
- Failed authentication attempts
- Unusual transaction patterns
- Policy violations
Compliance Audits
Prepare for regulatory audits:
- Generate date-range reports
- Export transaction history
- Document approval workflows
Troubleshooting
Debug transaction issues:
- Follow transaction workflow events
- Identify failure points
- Review policy evaluation details
Best Practices
Retention
| Practice | Description |
|---|---|
| Regular exports | Export logs periodically for archival |
| Compliance requirements | Maintain logs per regulatory requirements |
Monitoring
| Practice | Description |
|---|---|
| Set up alerts | Monitor for security events |
| Review regularly | Periodic review of user activity |
| Track failures | Monitor transaction failure patterns |
Related Topics
- Transactions — Transaction lifecycle and events
- Policies — Policy evaluation logging
- Permissions — User action tracking
API Reference
For complete API documentation including endpoints, request/response examples, and code samples:
- List audit logs —
GET /api/v1/transactions/audit/logs - Get audit log by ID —
GET /api/v1/transactions/audit/logs/{id} - Get audit log statistics —
GET /api/v1/transactions/audit/logs/stats/summary - Generate compliance report —
GET /api/v1/transactions/audit/logs/compliance/report - Get user activity timeline —
GET /api/v1/transactions/audit/logs/user/{userId}/activity
Audit Logs
Audit logs provide a comprehensive record of all actions and events in your Cubewire organization. They enable compliance reporting, security monitoring, and operational troubleshooting.
What are Audit Logs?
Audit logs capture:
- Transaction Events — Every stage of transaction processing
- User Actions — Login, configuration changes, approvals
- System Events — Automated processes, background jobs
- Security Events — Authentication, authorization, policy violations
Audit Log Properties
| Field | Type | Description |
|---|---|---|
id | UUID | Unique audit log identifier |
timestamp | datetime | When the event occurred (ISO 8601, UTC) |
service | string | Originating service (e.g., cw-transaction-orch) |
event | string | Event type identifier (e.g., TRANSACTION_CREATED) |
message | string | Human-readable description of the event |
workflowId | string | Associated workflow ID (for transaction events) |
entityType | string | Type of entity (Transaction, User, Vault) |
entityId | string | ID of the related entity |
userId | string | User who performed the action (null for system events) |
clientInfo | object | Client metadata (IP address, user agent) |
details | object | Event-specific metadata and context |
transactionId | UUID | Related transaction ID (for transaction events) |
Event Types
Transaction Events
| Event | Description |
|---|---|
TRANSACTION_RECEIVED | Transaction request received by the system |
TRANSACTION_CREATED | Transaction workflow initiated |
TRANSACTION_VALIDATED | Transaction passed validation checks |
TRANSACTION_SIGNED | Transaction signed by vault |
TRANSACTION_SUBMITTED | Transaction broadcast to blockchain |
TRANSACTION_CONFIRMED | Transaction confirmed on-chain |
TRANSACTION_FAILED | Transaction failed (with error details) |
TRANSACTION_DENIED | Transaction blocked by policy |
TRANSACTION_CANCELLED | Transaction cancelled by user |
TRANSACTION_REPLACED | Transaction replaced (speed-up or cancel) |
Approval Events
| Event | Description |
|---|---|
APPROVAL_REQUIRED | Transaction requires approval |
APPROVAL_GRANTED | Approval threshold met |
APPROVAL_REJECTED | Approver rejected the transaction |
APPROVAL_TIMEOUT | Approval request expired |
Policy Events
| Event | Description |
|---|---|
POLICY_EVALUATION_STARTED | Policy evaluation began |
POLICY_EVALUATION_COMPLETED | Policy evaluation finished |
Compliance Events
| Event | Description |
|---|---|
SCREENING_COMPLETED | AML/sanctions screening completed |
Inbound Transaction Events
| Event | Description |
|---|---|
INBOUND_TRANSACTION_DETECTED | External transfer detected |
INBOUND_TRANSACTION_CONFIRMED | External transfer confirmed on-chain |
User & System Events
| Event | Description |
|---|---|
USER_ACTION | User performed an action |
SYSTEM_EVENT | System-initiated event |
Event Flow
Filtering & Querying
Filter Parameters
| Parameter | Type | Description |
|---|---|---|
event | string | Filter by event type (e.g., TRANSACTION_CREATED) |
entityType | string | Filter by entity type (e.g., Transaction, User) |
entityId | string | Filter by specific entity ID |
userId | string | Filter by user who performed the action |
workflowId | string | Filter by workflow ID |
startDate | string | Start of date range (ISO 8601) |
endDate | string | End of date range (ISO 8601) |
Pagination
| Parameter | Type | Default | Description |
|---|---|---|---|
page | number | 1 | Page number |
limit | number | 50 | Items per page (max 100) |
Compliance Reporting
Generate compliance reports for regulatory requirements:
- Date Range — Specify reporting period
- Event Categories — Filter by transaction, user, or security events
- Export Formats — JSON for programmatic access
Report Contents
| Section | Description |
|---|---|
| Summary | Total events, breakdown by type |
| Transaction Events | All transaction-related audit entries |
| User Activity | User actions during the period |
| Security Events | Authentication and authorization events |
User Activity Timeline
Track individual user activity across the platform:
- Login/logout events
- Transaction initiations
- Approval votes
- Configuration changes
Common Use Cases
Security Monitoring
Monitor for suspicious activity:
- Failed authentication attempts
- Unusual transaction patterns
- Policy violations
Compliance Audits
Prepare for regulatory audits:
- Generate date-range reports
- Export transaction history
- Document approval workflows
Troubleshooting
Debug transaction issues:
- Follow transaction workflow events
- Identify failure points
- Review policy evaluation details
Best Practices
Retention
| Practice | Description |
|---|---|
| Regular exports | Export logs periodically for archival |
| Compliance requirements | Maintain logs per regulatory requirements |
Monitoring
| Practice | Description |
|---|---|
| Set up alerts | Monitor for security events |
| Review regularly | Periodic review of user activity |
| Track failures | Monitor transaction failure patterns |
Related Topics
- Transactions — Transaction lifecycle and events
- Policies — Policy evaluation logging
- Permissions — User action tracking
API Reference
For complete API documentation including endpoints, request/response examples, and code samples:
- List audit logs —
GET /api/v1/transactions/audit/logs - Get audit log by ID —
GET /api/v1/transactions/audit/logs/{id} - Get audit log statistics —
GET /api/v1/transactions/audit/logs/stats/summary - Generate compliance report —
GET /api/v1/transactions/audit/logs/compliance/report - Get user activity timeline —
GET /api/v1/transactions/audit/logs/user/{userId}/activity