Tamper-evident audit log for every API call, admin action, and data mutation in your nSelf stack. Events are chained with cryptographic hashes so any deletion or alteration is detectable. Useful for SOC 2, HIPAA, and internal compliance reviews.
Install with nself plugin install nself-audit — no license key needed. Ships with ɳSelf v1.1.0.
nself plugin install nself-audit
nself build
nself start| Variable | Required | Default | Description |
|---|---|---|---|
PLUGIN_AUDIT_RETENTION_DAYS | No | 365 | Days to retain audit events before archiving |
PLUGIN_AUDIT_INCLUDE_BODY | No | false | Log full request body (may increase storage usage significantly) |
PLUGIN_AUDIT_HASH_ALGORITHM | No | sha256 | Hash algorithm for event chain: sha256 or sha512 |
| Endpoint | Method | Description |
|---|---|---|
/audit/events | GET | List audit events with filters (actor, resource, date range) |
/audit/events/:id | GET | Single event with full context and hash chain proof |
/audit/verify | POST | Verify the integrity of the event chain (tamper detection) |
/audit/export | GET | Export events as JSON or CSV for compliance review |
/health | GET | Plugin health check |
Out of the box, nself-audit captures all Hasura mutations (insert, update, delete), authentication events (login, logout, token refresh, MFA), admin actions via the nSelf CLI and Admin UI, and plugin configuration changes. Each event records the actor, timestamp, resource, action, and a hash that chains to the previous event.
# Verify the full audit chain — returns OK or lists broken links
curl https://api.yoursite.com/audit/verify
# Check a specific event range
curl "https://api.yoursite.com/audit/verify?from=2025-01-01&to=2025-01-31"Port: 3843 | Free Plugin — MIT | Ships: v1.1.0