Audit Logs

View and analyze the cryptographic operations audit trail in 4Quays

Every cryptographic operation in 4Quays is logged. The audit trail provides compliance evidence and operational visibility without storing sensitive payload content.

What's Logged

Each operation record includes:

Field	Description
Request ID	Unique identifier for the operation
Timestamp	When the operation occurred
Application	Source service that made the request
Policy	Policy number used
Destination	Target service
Operation	protect, unprotect, sign, verify
Algorithm	Cryptographic algorithm used
Key ID	Key used for the operation
Payload Size	Size of input payload (bytes)
Response Status	Success or error code
Response Time	Processing duration (ms)
Error Message	Details if operation failed

What's NOT Logged

The audit trail never stores:

Plaintext payload content
Encrypted payload content
Key material
Request body details

Viewing Audit Logs

Via Dashboard

Navigate to Audit Log in the sidebar
Use filters to narrow results:
- Date range
- Application
- Policy
- Operation type
- Status (success/error)
Click any row for full details

Via API

const response = await fetch('https://api.4quays.com/admin/audit', {
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${adminApiKey}`,
  },
  params: {
    from: '2026-02-01T00:00:00Z',
    to: '2026-02-09T23:59:59Z',
    policyNumber: 'RBC-TRANSFER-001',
    status: 'success',
    limit: 100,
  },
});

const logs = await response.json();

Filtering Options

By Time

{
  from: '2026-02-01T00:00:00Z',
  to: '2026-02-09T23:59:59Z',
}

By Application

{
  applicationId: 'banking-service-id',
}

By Policy

{
  policyNumber: 'RBC-TRANSFER-001',
}

By Operation Type

{
  operation: 'protect',  // or 'unprotect'
}

By Status

{
  status: 'success',  // or 'error'
}

By Error Code

{
  errorCode: 'KEY_EXPIRED',
}

Audit Log Details

Click on any log entry to see full details:

{
  "requestId": "req_abc123",
  "timestamp": "2026-02-09T10:30:00.000Z",
  "application": {
    "id": "app_xyz",
    "name": "Banking Service"
  },
  "policy": {
    "number": "RBC-TRANSFER-001",
    "version": 2
  },
  "destination": {
    "id": "svc_rbc",
    "name": "RBC Transfer API"
  },
  "operation": "protect",
  "algorithm": {
    "encryption": "AES-256-GCM",
    "keyWrapping": "RSA-2048"
  },
  "key": {
    "id": "key_456",
    "fingerprint": "SHA256:abc..."
  },
  "payloadSizeBytes": 1024,
  "responseStatus": 200,
  "responseTimeMs": 45,
  "errorMessage": null,
  "errorCode": null
}

Analytics and Reporting

Operations Dashboard

The audit dashboard shows:

Operations per minute/hour/day
Success rate
Average latency
Error breakdown by type
Algorithm distribution

Compliance Reports

Generate compliance reports:

const response = await fetch('https://api.4quays.com/admin/audit/report', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${adminApiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    reportType: 'compliance',
    from: '2026-01-01T00:00:00Z',
    to: '2026-02-09T23:59:59Z',
    format: 'pdf',
  }),
});

Reports include:

Total operations by algorithm
Key usage summary
Error analysis
Policy usage statistics

Algorithm Adoption Tracking

Monitor algorithm transitions:

const response = await fetch('https://api.4quays.com/admin/audit/algorithms', {
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${adminApiKey}`,
  },
  params: {
    from: '2026-01-01T00:00:00Z',
    to: '2026-02-09T23:59:59Z',
  },
});

const { algorithms } = await response.json();
// { "AES-256-GCM+RSA-2048": 45000, "AES-256-GCM+ML-KEM-768": 5000 }

Exporting Audit Data

CSV Export

const response = await fetch('https://api.4quays.com/admin/audit/export', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${adminApiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    from: '2026-02-01T00:00:00Z',
    to: '2026-02-09T23:59:59Z',
    format: 'csv',
  }),
});

const csvData = await response.text();

JSON Export

{
  format: 'json',
}

Log Retention

Default retention periods:

Data Type	Retention
Operation logs	90 days
Error logs	1 year
Compliance reports	7 years

Configure custom retention in organization settings.

Integration with External Systems

Webhook Notifications

Send audit events to external systems:

await fetch('https://api.4quays.com/admin/webhooks', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${adminApiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    url: 'https://your-siem.example.com/events',
    events: ['operation.error', 'key.rotated'],
    secret: 'webhook-signing-secret',
  }),
});

SIEM Integration

Export to common SIEM formats:

Splunk (HEC format)
Elasticsearch
CloudWatch Logs
Azure Monitor

Debugging with Audit Logs

When debugging integration issues:

Get the request ID from your application logs
Search audit logs by request ID
Check error details for specific failure reasons
Verify algorithm and key used
Check response time for latency issues

// Search by request ID
const response = await fetch(
  `https://api.4quays.com/admin/audit/${requestId}`,
  {
    headers: {
      'Authorization': `Bearer ${adminApiKey}`,
    },
  }
);

Best Practices

Regular Review

Review error logs daily
Analyze algorithm distribution weekly
Generate compliance reports monthly

Alerting

Set up alerts for:

Error rate exceeds threshold
Specific error codes (KEY_EXPIRED, POLICY_NOT_FOUND)
Unusual operation volume
New algorithms in use

Retention Planning

Understand compliance requirements
Configure appropriate retention periods
Plan for data growth

What's Next

API Reference — Detailed API documentation
Error Handling — Understanding error codes