Immutable audit trails

The permanent record
your app deserves.

Hash-chained, tamper-evident, and queryable. Add a compliance-grade audit trail to any SaaS application in three lines of code.

Start Logging Events View Documentation
$ go get github.com/mataki-dev/auditstore-go
<1ms p50 ingest
99.99% uptime SLA
3 lines of code
0 events lost
main.go 
// Initialize once
client := auditstore.New("as_live_xxx")

// Emit an audit event — that's it
client.Emit(ctx, "user_abc", "document.created", "doc_xyz")
Response · 4ms 
{
  "id": "01JRCX...",
  "sequence": 48291,
  "chain_hash": "sha256:a3f8c1...",
  "recorded_at": "2026-04-06T14:30:00.142Z"
}

The problem

Every option is a compromise.

Every SaaS product of sufficient maturity needs an audit trail. The current options all fall short.

01 Hand-rolled

The audit table you built in a sprint

Append-only tables with ad hoc queries, fragile exports, and no tamper evidence. Repeated per product, tested inconsistently, and the first thing to break under migration.

02 Heavyweight platforms

Enterprise audit products

Structured logging with platform-scale pricing, opinionated schemas, and integration surface area that exceeds what most Series A–C products need.

03 Repurposed logging

Datadog, but for compliance

Operational telemetry tools lack immutability guarantees, legal-hold semantics, and the chain-of-custody properties that audit trails require.

The gap: a composable, developer-first audit trail that's trivial to emit into, immutable by default, queryable without a PhD, and priced per-event — not per-seat.

How it works

Four steps to a permanent record.

Install the SDK, emit events, query the ledger, verify integrity. Each step builds on the last.

01

Install the SDK

A single package. SDKs for Go, TypeScript, and Python — each under 50KB with zero transitive dependencies.

terminal 
# Go
$ go get github.com/mataki-dev/auditstore-go

# TypeScript
$ npm install @auditstore/sdk

# Python
$ pip install auditstore
02

Emit events

Three arguments: who did it, what they did, what they did it to. Fire-and-forget by default.

handler.go 
func handleDocumentCreate(w http.ResponseWriter, r *http.Request) {
    // ... your business logic ...

    // One line. That's the audit trail.
    audit.Emit(r.Context(), userID, "document.created", doc.ID)
}
03

Query the ledger

Filter by actor, action, resource, outcome, or time range. Paginated, fast, and structured.

query.go 
events, _ := client.Query(ctx, auditstore.QueryParams{
    ResourceID: "doc_xyz",
    Action:     "document.*",
    Since:      time.Now().Add(-24 * time.Hour),
})

for _, e := range events {
    fmt.Printf("%s %s %s\n", e.Actor.ID, e.Action, e.OccurredAt)
}
04

Verify integrity

Merkle inclusion proofs for any event or range. Independently verifiable — no trust required.

verify.go 
proof, _ := client.GetProof(ctx, "01JRCX...")

ok := proof.Verify(rootHash)
// true — this event exists, unmodified, in the ledger

Capabilities

Everything you need. Nothing you don't.

Immutable hash chain

Every event is SHA-256 linked to its predecessor. Insert, modify, or delete a single record and the chain breaks.

Merkle integrity proofs

Request a cryptographic proof for any event or range. Verify independently without trusting our infrastructure.

Flexible event schema

Accept any metadata on ingest — no schema registration required. Enforce structure at query time, not write time.

Structured query API

Filter by actor, action, resource, outcome, or time range. Paginated responses with cursor-based traversal.

Batch and async emission

Events buffer in-process and flush asynchronously. Configurable batch size and interval. Flush on process exit.

Retention and legal hold

Time-bounded retention with archival to your S3. Legal holds override all retention policies.

SIEM-compatible export

Export as JSON Lines, CSV, or Parquet to your own storage. Every export is itself an audited event.

Framework middleware

Auto-capture request context — IP, user agent, session, request ID — from Express, Hono, Chi, FastAPI, and more.

Integration

Three lines in any language.

Minimal emit and full emit with every option. Pick your language, copy the snippet, ship it.

Minimal
minimal 
client := auditstore.New("as_live_xxx")

client.Emit(ctx,
    "user_abc",
    "document.created",
    "doc_xyz",
)
Full options
full 
client.Emit(ctx, "user_abc", "document.created", "doc_xyz",
    auditstore.WithActorType("user"),
    auditstore.WithResourceType("document"),
    auditstore.WithOutcome(auditstore.Success),
    auditstore.WithEntitlement(
        "charterly", "growth",
        "bulk_export", "allowed",
    ),
    auditstore.WithMetadata(map[string]any{
        "document_title": "Q1 Report",
    }),
)

Pricing

Per-event pricing. No seat tax.

Pay for what you log, not how many people are on your team. Start free, scale as you grow.

Dev

For prototyping and development.

Free
10,000 events/mo
  • 1 ledger
  • 30-day retention
  • Chain verification
  • Community support
Start Free
Most popular

Launch

For products going to production.

$29 /mo
100,000 events/mo $0.0005 / event overage
  • Unlimited ledgers
  • 1-year retention
  • Merkle integrity proofs
  • Framework middleware
  • Email support
Get Started

Scale

For high-volume production workloads.

$199 /mo
1,000,000 events/mo $0.0003 / event overage
  • Everything in Launch
  • Configurable retention
  • Legal hold
  • SIEM export
  • Priority support
Get Started

Enterprise

For regulated industries and scale.

Custom
Custom volume
  • Everything in Scale
  • Unlimited retention + cold archive
  • Independent verification webhook
  • Dedicated support + SLA
  • BAA available
Contact Sales

Trust & Compliance

Built for your next audit.

AuditStore provides the infrastructure primitives that compliance workflows require — immutability, integrity proofs, retention controls, and auditable exports.

Tamper-evident hash chain

Every event is cryptographically linked to its predecessor. Modify any record and the chain breaks — making tampering detectable and provable.

#48288 user.login
a3f8c1…
#48289 doc.created
7b2e91…
#48290 doc.shared
e1d4f3…
#48291 token.revoked
92ca7b…

Merkle integrity proofs

Verify that any event exists unmodified in the ledger — without downloading the entire chain. Proof verification is independent of our infrastructure.

root hash h(0-1) h(2-3) evt 48288 evt 48289 evt 48290 evt 48291

Dashed path = inclusion proof for event 48289

SOC 2 Type II

CC7.2, CC7.3 — system monitoring and anomaly detection evidence via immutable audit trails.

ISO 27001

A.12.4 — logging and monitoring controls backed by hash-chain integrity.

Retention + Legal Hold

Time-bounded retention with archival. Legal holds override all policies.

SIEM Integration

Export as JSON Lines, CSV, or Parquet to your own storage and tooling.

Get started

Stop hand-rolling audit tables.

Add a compliance-grade, hash-chained audit trail to your application in minutes. Free to start, scales with your usage.

Start Logging Events Read the Docs