Secure, Scalable, and Resilient Log Management System
AuditTrail is a backend service designed for high-throughput, cryptographically verifiable audit logging. Tailored for enterprise-grade observability, it supports JWT-authenticated access, asynchronous resilient writes, powerful query filtering, and export capabilities — all within a scalable, observable architecture deployed via Docker Swarm.
```
+----------------+            +-----------------+              +----------------+
|  Client Apps   | -- JWT --> | Django REST API | -- Async --> | Celery Workers |
+----------------+            +-----------------+              +----------------+
        |                              |                               |
        |                              |                               |
        v                              v                               v
   Auth via JWT            MongoDB (Logs Collection)                 Redis
                                       |                               |
                                       v                               v
                              Prometheus Metrics                 Celery Broker
```
- JWT Bearer token authentication ensures secure access
- Role-based permissions for future extensibility
- Celery task queue for asynchronous log processing
- Redis as the Celery broker for task distribution
- MongoDB for persistent log storage with late acknowledgment to ensure data integrity
- Log entries are signed using a LOG_SIGNING_KEY to prevent tampering
- Signature verification ensures log integrity during retrieval
- Filter logs by criteria like user_id, action, and timestamps
- Pagination support for efficient data retrieval
- MongoDB indexes for optimized query performance
- Prometheus metrics for monitoring log creation and system health
- Configurable for integration with Grafana dashboards for real-time insights
- Export logs in JSON format for archival or analysis
- Configurable retention policies for log management
- Unit and integration tests using Django's test framework
- CI/CD pipeline via GitHub Actions for automated testing and deployment to Docker Swarm
- Dependencies on MongoDB and Redis during testing are managed via Docker Compose
- Backend: Django REST Framework + Celery (Redis broker)
- Database: MongoDB for log storage
- Task Queue/Cache: Redis (Celery broker)
- Authentication: JWT tokens
- Monitoring: Prometheus (Grafana integration planned)
- Deployment: Docker + Docker Swarm on GCP
- CI/CD: GitHub Actions
- Testing: Django's test framework (pytest integration planned)
- Docker and Docker Compose installed
- GitHub repository with secrets configured:
  - `LOG_SIGNING_KEY`: Secret key for signing logs
  - `MONGO_USERNAME` and `MONGO_PASSWORD`: MongoDB credentials
  - `SSH_USER`, `SSH_HOST`, `SSH_PRIVATE_KEY`: For deployment to Docker Swarm
  - `DOCKER_HUB_USERNAME` and `DOCKER_HUB_PASSWORD`: For Docker Hub access

1. Clone the repo and set up the environment:

   ```bash
   git clone https://github.com/santura-dev/AuditTrail.git
   cd AuditTrail
   ```

2. Create a `.env` file with the following variables:

   ```
   MONGO_USERNAME=user
   MONGO_PASSWORD=password
   LOG_SIGNING_KEY=your-secret-key-here
   ```

3. Build and start the services using Docker Compose:

   ```bash
   docker-compose up --build -d
   ```

4. Access the API at http://localhost:8000

| Endpoint | Method | Authentication | Description |
|---|---|---|---|
| `/logs/create/` | POST | JWT Required | Create a new audit log entry |
| `/logs/list/` | GET | JWT Required | Retrieve logs with filtering |
| `/logs/export/` | GET | JWT Required | Export logs in JSON format |
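
The feature list above says entries are signed with `LOG_SIGNING_KEY` and verified on retrieval. The sketch below is an added example, not AuditTrail's own code, of how a sign-on-write, verify-on-read scheme can work. HMAC-SHA256 over canonical JSON, the function names, the `signature` field and the sample records are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed key for the demo; a deployment would load LOG_SIGNING_KEY from its environment.
DEMO_KEY = b"constructed-demo-key-not-for-production"


def canonical_bytes(entry: dict) -> bytes:
    """Serialize deterministically so the same fields always produce the same bytes."""
    body = {k: v for k, v in entry.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_entry(entry: dict, key: bytes) -> dict:
    """Write path: return a copy of the entry with an HMAC-SHA256 signature attached."""
    signed = dict(entry)
    signed["signature"] = hmac.new(key, canonical_bytes(entry), hashlib.sha256).hexdigest()
    return signed


def verify_entry(entry: dict, key: bytes) -> bool:
    """Read path: recompute the MAC; any changed, added or removed field fails."""
    claimed = entry.get("signature")
    if not isinstance(claimed, str):
        return False  # unsigned or malformed records are treated as tampered
    expected = hmac.new(key, canonical_bytes(entry), hashlib.sha256).hexdigest()
    # Constant-time comparison on bytes, so odd input cannot raise or leak timing.
    return hmac.compare_digest(expected.encode(), claimed.encode("utf-8"))


def audit(entries: list, key: bytes) -> list:
    """Return the indexes of stored entries whose signature does not verify."""
    return [i for i, e in enumerate(entries) if not verify_entry(e, key)]


# Constructed sample records using the filter fields the README names.
SAMPLE = [
    {"user_id": "u-100", "action": "login", "timestamp": "2024-01-01T10:00:00Z"},
    {"user_id": "u-100", "action": "delete_report", "timestamp": "2024-01-01T10:05:00Z"},
    {"user_id": "u-200", "action": "export", "timestamp": "2024-01-01T10:09:00Z"},
]

if __name__ == "__main__":
    stored = [sign_entry(e, DEMO_KEY) for e in SAMPLE]
    stored[1]["action"] = "view_report"  # simulated edit made directly in the database
    stored[2].pop("signature")           # simulated signature stripping
    print("entries failing verification:", audit(stored, DEMO_KEY))
```

A per-entry MAC detects edits to a stored record but not the deletion of a whole record. Catching that needs something extra, such as chaining each signature to the previous entry.
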
AuditTrail is deployed to a Docker Swarm cluster on a GCP VM using GitHub Actions. The workflow includes:
- Running tests with MongoDB and Redis dependencies
- Building and pushing the Docker image to Docker Hub
- Deploying to Docker Swarm via SSH
The `deploy.yml` in `.github/workflows` automates:
- Testing with `python manage.py test`
- Building the Docker image
- Deploying to Docker Swarm on the remote GCP VM
Ensure the GCP VM has:
- Docker and Docker Swarm initialized
- Firewall rules allowing ports:
  - 22 (SSH)
  - 8000 (API)
  - 27017 (MongoDB)
  - 6379 (Redis)
  - 9090 (Prometheus)

We welcome contributions to AuditTrail! Please feel free to submit issues and pull requests. Before contributing, please read our contributing guidelines.
This project is licensed under the MIT License - see the LICENSE file for details.
For support, please open an issue in the GitHub repository or contact the maintainers.