You're building a SaaS product. You know you need audit logs—for compliance, debugging, customer trust. But the thought of building them yourself is exhausting. Database schema design, event serialization, storage queries, retention policies... it's a rabbit hole.
What if you could add audit logging to your app in less time than it takes to grab coffee?
The problem we're solving
Last week, I helped a developer integrate audit logging into a Python app running inside Docker. They had a few options:
- Build it yourself — 2-3 weeks of development, testing, and maintenance
- Use a half-baked solution — ends up unreliable when you need it
- Use a hosted API — audit logs in minutes
They went with option 3. Here's how.
Before: What they were stuck with
# This is what logging looked like before
print(f"User {user_id} ran stats")
# That's it. Not structured. No query API. No compliance trail.
After: AuditLedge in your app
Step 1: Install the SDK (30 seconds)
Depending on your tech stack, install once and you're done:
Node.js:
npm install auditledge
Python:
pip install auditledge
Or use REST API directly (any language):
curl -X POST https://api.auditledge.com/v1/events \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "user@example.com", "action": "view_report", "metadata": {...}}'
Step 2: Initialize the client (1 minute)
Node.js:
import AuditLedge from 'auditledge';
const audit = new AuditLedge({
apiKey: process.env.AUDITLEDGE_API_KEY
});
Python:
from auditledge import AuditLedge
audit = AuditLedge(api_key=os.getenv('AUDITLEDGE_API_KEY'))
Python in Docker (real example):
# In your Docker container, install auditledge in requirements.txt
# requirements.txt:
# auditledge==0.1.1
# flask==2.0.0
# ...
from auditledge import AuditLedge
import os
audit = AuditLedge(api_key=os.getenv('AUDITLEDGE_API_KEY'))
@app.route('/api/run-stats', methods=['POST'])
def run_stats():
user_id = request.json.get('user_id')
# Your business logic here
stats = calculate_stats()
# Log it (2 lines)
audit.log(
user_id=user_id,
action='run_stats',
metadata={'stats': stats, 'timestamp': datetime.now().isoformat()}
)
return {'success': True, 'stats': stats}
Step 3: Log events everywhere (3 minutes)
Replace your print statements and basic logging with structured audit events:
# Before
print(f"User {user_id} exported data")
# After (1 line)
audit.log(user_id=user_id, action='export_data', metadata={'format': 'csv'})
Add it to critical user actions:
- User login / logout
- Data exports
- Permission changes
- Billing events
- API key generation
- Admin actions
Why this matters
For compliance
GDPR auditors ask: "Show me every access to user data for the past 12 months." With audit logs, you have the answer. Without them? You're exposed.
For debugging
A customer says "I never got that email." You check your logs... nothing. With audit logs:
audit.query(user_id='john@example.com', action='email_sent', days=30)
You instantly see what happened.
For security
A contractor's API key was compromised. How many records did they access?
audit.query(api_key='key_xyz...', days=7)
You have the full trail in seconds.
The 5-minute setup in action
Let's say you're using the Python SDK in a Flask app running on Docker:
# 1. Add to requirements.txt (5 seconds)
# auditledge==0.1.1
# 2. Initialize in your app (30 seconds)
from auditledge import AuditLedge
audit = AuditLedge(api_key=os.getenv('AUDITLEDGE_API_KEY'))
# 3. Log your first event (1 minute)
@app.route('/api/action', methods=['POST'])
def my_action():
user_id = request.json.get('user_id')
# Do your thing
result = do_something(user_id)
# Log it
audit.log(
user_id=user_id,
action='my_action',
metadata={'result': result}
)
return {'status': 'success', 'result': result}
# 4. Query logs whenever you need (2 minutes setup)
# In a separate script or admin panel:
events = audit.query(user_id='john@example.com', days=30)
for event in events:
print(f"{event['timestamp']}: {event['action']}")
Set your AUDITLEDGE_API_KEY in your Docker environment variables:
# docker-compose.yml
services:
app:
build: .
environment:
AUDITLEDGE_API_KEY: ${AUDITLEDGE_API_KEY}
Done. Your audit logs are now live.
Pricing that makes sense
- Free: 10K events/month, 14-day retention (forever, no credit card)
- Starter: $19/month — 500K events/month, 1-year retention, API key management
- Growth: $49/month — 5M events/month, 2-year retention, compliance-ready (SOC 2 / HIPAA)
Most early-stage SaaS use 50K-500K events/month, so you're in the Starter plan ($19/month). Enterprise? Growth plan gets you compliance certifications included.
For comparison, building this yourself costs:
- 2-3 weeks of senior engineer time (conservatively $10-15K)
- Ongoing maintenance (5+ hours/month)
- Compliance risk (if something breaks)
$19/month suddenly looks very smart.
Next steps
- Sign up at auditledge.com (free tier, no credit card)
- Get your API key from the dashboard
- Install the SDK for your language (npm/pip/REST)
- Add 3-5 audit logs to your most critical user actions
- Test it out — make sure events show up in the dashboard
- Sleep better knowing you have a compliance trail
The whole process takes 5 minutes. The peace of mind lasts forever.
Questions?
- Can I delete audit logs? Only in development/test — production logs are immutable
-
What if I need custom fields? Pass anything in
metadata— it's flexible - Does it work with [my framework]? If it has HTTP support, yes
Start your free trial now: auditledge.com
Audit logs aren't a nice-to-have anymore. They're table stakes. Make them boring—let AuditLedge handle it.
Top comments (0)