Audit Trail

Governed changes.
Clear actors.
Useful timestamps.

An append-only, SQL-queryable audit log for governed platform and tenant operations. Every row change captures field-level before/after diffs and the actor — no app code required. Query by actor, action, resource, environment, and time.

Start building See It In Action

Audit Log

Append-only

ID

Action

Actor

Resource

Env

Time

EVT-4821

release.pinned

sarah.chen

capsule/orders-v2.3.0

PROD

14:32:07

EVT-4820

env.promoted

mike.ross

env/test → prod

TEST

14:31:55

EVT-4819

row.updated

j.martinez

orders/8f3a · status △

PROD

14:31:48

EVT-4818

role.assigned

admin

user/j.martinez → developer

ALL

14:31:21

EVT-4817

app.deployed

ci-pipeline

app/dashboard-v1.8.2

DEV

14:30:36

EVT-4816

permission.denied

guest-user

api/v1/orders

PROD

14:29:50

Immutable Trail

Append-only at the database level.
Structured for traceability.

Relpin captures tenant audit events for governed platform paths — schema, data-access, build, deploy, and lifecycle changes — plus automatic row-level capture on every user table. Append-only is enforced by database privileges: tenant roles get SELECT and INSERT only.

01

Row-level capture

Database triggers record field-level before/after diffs and the actor on every insert, update, and delete — no app code required.

02

Append-only by privilege

Tenant roles get SELECT and INSERT only, so audit rows are never edited or deleted in place — enforced by Postgres, not convention.

03

Governed paths

Schema, data-access, build, deploy, and lifecycle changes write tenant audit events alongside row-level history.

Immutable Trail

Mutable logs (others)

× Logs can be edited or deleted

× No integrity verification

× Gaps in coverage

× Limited retention periods

× No integrity guarantees

Immutable trail (Relpin)

✓ Append-only enforced by DB privileges

✓ Row-level before/after diffs with actor

✓ Structured events with full context

✓ Governed-path coverage

✓ Traceable by design

Automatic row-level capture with field-level before/after diffs and actor — no app code

Append-only enforced by database privileges: tenant roles get SELECT and INSERT only

Release, deploy, schema, data-access, and lifecycle events are in scope

Structured event format with actor, action, resource, and timestamp

Append-only by privilege · Row-level diffs · Tenant audit events · Structured context

Query & Filter

SQL on your audit log.
Not a search bar.

Query audit-backed event records with SQL-oriented filters for actor, action, resource, environment, and time range. Avoid benchmark claims until production data proves them.

01

SQL-native

Query audit records with the same SQL surface as the rest of your governed data plane.

02

Multi-dimensional

Filter by actor, action, resource, environment, and time range without bespoke search bars.

03

Parameterized

Prepared statements only — no string concatenation, no SQL-injection surface for audit queries.

Query & Filter

Audit Query

1SELECT

2 event_id,

3 action,

4 actor,

5 resource,

6 timestamp

7FROM audit_events

8WHERE actor = 'sarah.chen'

9 AND action LIKE 'release.%'

10 AND env = 'prod'

11 AND timestamp > NOW() - INTERVAL '7 days'

12ORDER BY timestamp DESC;

Results 12 rows · parameterized

event_id

action

resource

time

EVT-4821

release.pinned

orders-v2.3.0

2m ago

EVT-4798

release.pinned

auth-v1.5.1

3h ago

EVT-4756

release.rolled_back

dashboard-v1.7

1d ago

EVT-4712

release.approved

orders-v2.2.0

3d ago

Rows 12

Time parameterized

Scanned 2.4M events

SQL-queryable audit records for governed event paths

Filter by actor, action, resource, environment, and time range

Parameterized queries with prepared statements

Structured for time-range and resource-oriented investigation

SQL-queryable · Actor/resource filters · Parameterized · Time-range oriented

Compliance

Compliance workflows.
Planned reporting.

Planned report templates will use the same tenant audit history for common audit and compliance workflows. Formal framework-specific reporting should stay explicit and reviewed.

01

Reviewed exports

Auditor-facing summaries go through review before rollout — no auto-published "compliance" claims.

02

Planned templates

Report templates aimed at common audit workflows, finalized with customer requirements.

03

Export options

Export formats and scheduled delivery sit on the reporting roadmap, not the launch surface.

Compliance

Report Config

Framework

SOC 2 Type II ▼

Period

2025-Q4

Format

PDF ▼

Scope

All environments · All actors

Generate Report

Reporting Areas

Data protection planned

Privacy-oriented audit summaries

Control evidence planned

Operational control review packets

Security review planned

Access and change-history exports

Customer audit planned

Customer-specific evidence bundles

Planned report templates for common compliance workflows

Export formats to be defined with customer requirements

Auditor-facing summaries require review before rollout

Scheduled delivery belongs on the reporting roadmap

Planned templates · Reviewed exports · Audit-friendly workflows

Realtime Stream Planned

Event delivery.
Planned destinations.

Planned event streaming will target webhook and security-tool destinations while preserving retry, signature, and audit semantics.

01

Webhook delivery

Planned event streaming to webhook endpoints with signature and destination policy.

02

Retry semantics

Retry and dead-letter behavior finalized per destination — not a single hard-coded policy.

03

Security tooling

SIEM-class destinations on the roadmap, sharing the same audit semantics as Relpin queries.

Planned Planned capability — preview only

Realtime Stream

Event Stream (preview)

Planned

release.pinned sarah.chen

delivered 2s ago

env.promoted mike.ross

delivered 8s ago

role.assigned admin

delivered 31s ago

app.deployed ci-pipeline

delivered 45s ago

Webhook Config

Endpoint URL

https://siem.acme.com/webhooks/relpin

Auth

HMAC-SHA256

Retry

3x exponential

Filter

action IN ('release.*', 'env.*', 'row.*')

Delivery Stats (24h)

Plan

delivery

Retry

semantics

HMAC

planned

Event delivery to webhook endpoints

Retry and dead-letter semantics to be finalized per destination

Security-tool integration support planned

Webhook signatures and destination policy planned

Planned streaming · Retry semantics · Security tooling · Webhook signatures

Use Cases

What teams use it for.

From compliance audits to incident investigations, the audit trail is the foundation for accountability and security.

Compliance

Regulatory compliance audits

Prepare reviewed audit exports and evidence packages from tenant audit history.

Incident Response

Incident investigation

Reconstruct the exact sequence of events leading to any incident with SQL-queryable logs.

Access Reviews

Periodic access reviews

Review governed access and platform activity by actor, role, environment, or resource.

Change Tracking

Configuration change tracking

Track every configuration change across environments with before/after snapshots.

Regulatory Reporting

Automated regulatory reports

Planned scheduled delivery for reviewed audit and compliance report packages.

Security Forensics

Security forensics

Investigate denied or suspicious platform activity with available actor, session, and action context.

Investigation workflows · Tenant audit history · Reporting roadmap

Audit Trail

Stop guessing what happened.
Start knowing.

Tenant audit events, SQL-queryable history, and a reporting roadmap for teams that need operational accountability.

Start building Explore the platform

Open beta · Demo workspace included · Governance-focused

Tenant audit events · SQL-queryable · Reporting roadmap · Planned streaming