Skip to content

feat: Event-Sourced Audit Trail with Replay Capability #32

Open
Open
feat: Event-Sourced Audit Trail with Replay Capability#32
Labels
enhancementNew feature or request
@mjunaidca

Description

@mjunaidca
mjunaidca
opened on Dec 12, 2025

Summary

Migrate from direct DB audit inserts to event-sourced architecture, enabling audit replay, time-travel debugging, and event-driven projections.

Current State

  • Audit entries written directly to PostgreSQL audit_log table
  • No replay capability — if projection is wrong, must fix manually
  • Tightly coupled to DB schema

Proposed Architecture

┌─────────────┐     ┌─────────────┐     ┌─────────────────┐     ┌─────────────┐
│ Any Action  │────►│ Dapr        │────►│ Audit           │────►│ Event Store │
│             │     │ PubSub      │     │ Consumer        │     │ (append-only)
│             │     │ "audit"     │     │                 │     │             │
└─────────────┘     └─────────────┘     └─────────────────┘     └─────────────┘
                                                │
                                                ▼
                                        ┌─────────────────┐
                                        │ Projections     │
                                        │ (rebuild on     │
                                        │  demand)        │
                                        └─────────────────┘

Implementation Steps

  • Define audit event schema (CloudEvents format)
  • Create audit-events Dapr PubSub topic
  • Modify log_action() to publish events instead of direct DB insert
  • Create Audit Consumer service
  • Implement append-only event store (can start with PostgreSQL table)
  • Add projection builder for current audit view
  • Implement replay command for rebuilding projections
  • Add event versioning for schema evolution

Acceptance Criteria

  • All audit entries flow through event stream
  • Can replay events to rebuild audit table from scratch
  • Event store is append-only (immutable history)
  • Projections can be rebuilt without data loss
  • Works with Dapr PubSub (Redis now, Kafka later)

Technical Notes

  • Start simple: PostgreSQL as event store, single projection
  • Consider EventStoreDB or Kafka for production scale
  • Event versioning critical for schema evolution
  • Idempotency keys prevent duplicate processing

Labels

enhancement learning event-driven architecture phase-v2

📚 Learning Goal: Event Sourcing & CQRS patterns

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions