DEV Community

rahul chavan
rahul chavan

Posted on • Edited on • Originally published at github.com

Why I Built a New Audit Bundle for Symfony (And Why Your Project Needs It)

#symfony #php #doctrine #security

Update:

The EasyAdmin integration has been improved with a cleaner and more polished UI.

Easy Admin Integration

👉 Read the follow-up post for details.

When I started my latest Symfony enterprise project, I did what most of us do: I looked for a battle-tested Doctrine auditing solution. But I quickly realized that existing options often felt like a trade-off. Some were too heavy, others were a nightmare to customize, and almost none addressed the critical 2026 need: Data Integrity.

I spent way too much time fighting performance lags and database bloat. That frustration led me to build a solution that is both lightweight and enterprise-ready.

That’s why I built AuditTrailBundle. It’s a modern alternative for Symfony entity tracking that focuses on performance and compliance.

1. Stop Logging "Noise" (Conditional Auditing)

In high-traffic apps, logging every tiny change is a mistake. Do you really need to log a last_login timestamp every 5 minutes? It wastes storage and clutters your audit log history.

I integrated Symfony Expression Language directly into the bundle. Now, you can set "Smart Rules" to only trigger an audit if a specific condition is met. It’s conditional logging that keeps your database clean and searchable.

2. The "Anti-Tamper" Proof (Audit Compliance)

If your app needs to be GDPR or SOC2 compliant, simply having logs isn't enough. You need to prove those logs haven't been modified.

I added a Data Integrity Check feature—a digital seal for your history. If a DBA or an attacker manually edits a log entry to hide their tracks, the bundle flags the discrepancy. It’s a built-in safety net for your audit trail.

3. Performance That Won't Slow You Down

A common complaint with Symfony audit bundles is the "request lag." This bundle hooks into the Doctrine onFlush event, ensuring the audit is part of the same atomic transaction.

  • No Orphaned Logs: If your data rolls back, the audit rolls back.
  • Split Transport Support: To keep your primary database fast, you can route audit logs to a different database connection or an external service. This is essential for scaling Symfony applications.

4. Tracking Changes (Collection Diffs)

Most bundles fail when it comes to Many-to-Many relationships. They might tell you a collection "changed," but not what moved.

AuditTrailBundle performs a deep Collection Diff. It identifies exactly which IDs were added or removed from a relation, giving you a crystal-clear picture of your entity's history without the guesswork.

Quick Start

Install it via Composer:

composer require rcsofttech/audit-trail-bundle
Enter fullscreen mode Exit fullscreen mode

Summary: A Modern Tool for Modern Devs

I built this to offer a performance-first architecture for developers who need precision. Whether you’re worried about database scalability or strict security compliance, this bundle handles it without the overhead.

Check it out on GitHub:
Audit Bundle

I’m actively looking for feedback! If you find it helpful, please consider dropping a Star ⭐ on GitHub! It helps the project reach more developers in the Symfony community.

Top comments (1)

Collapse
 
aless673 profile image
Alessandro GIULIANI

amazing work, I will give a try on next project