Audit & Logging
KeyRunner provides structured logging across three layers to ensure traceability, accountability, and compliance visibility for enterprise environments.
Overview of Log Types
Log Type | Purpose |
---|---|
Application Logs | Track internal events like KeyConnector lifecycle, request execution, and runtime diagnostics |
Audit Logs | Capture security-critical actions like KCSV variable access, user role changes, etc. |
Access Logs | Record user sessions, logins, geo-tracking, and endpoint actions |
Application Logs
Format: Date | Log Statement
Covers operational and runtime events:
- KeyConnector startup/shutdown
- Request execution start/end
- Errors or retries during execution
- Health check trigger events
Example:
2025-04-12 07:21:05 | KeyConnector started
2025-04-12 07:22:10 | Executing request flow: user-login-check
2025-04-12 07:22:12 | KeyConnector stopped
Audit Logs
Format: Date | Log Statement
Focus on sensitive operations and audit-critical events:
- KCSV variable access (which variables were used and by what request)
- Role changes (e.g., editor → tenant admin)
- User permission updates
- Manual reactivation or disabling of users
Example:
2025-04-12 07:28:03 | kcsv variables retrieved for request: 66f94737d8af16215ca6dcdc.test
2025-04-12 07:28:05 | kcsv variables retrieved for request: test-secret-for-vault-testing.test, keyrunnerAPIToken
2025-04-12 07:30:00 | Role changed: johndoe@keyrunner.app → Tenant Admin, Editor
Access Logs
Format: Date | IP Address | User | Geo | Action
Capture endpoint access and session behavior:
- Login attempts (success/failure)
- API key generation
- User session expiration/logout
Example:
2025-04-12 08:02:55 | 103.44.55.21 | johndoe@keyrunner.app | USA | Login success
2025-04-12 08:03:12 | 103.44.55.21 | johndoe2@keyrunner.app | Brazil | Login failure
Best Practices
- Regularly export audit logs for compliance archiving (SOC 2, ISO 27001, etc.)
- Set up alerts on critical audit events (e.g., new admin role assignments)
- Monitor access logs for unusual login patterns
- Use log analysis tools for correlation and alerting
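
One way to act on the alerting and monitoring practices above, as an added example that is not KeyRunner code: a parser for the Audit and Access log formats on this page that flags grants of a watched role and unusual login patterns. The sample lines are constructed, and the `→`/`->` role separator, the watched role name and the failure threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the Audit and Access formats documented above.
AUDIT = """\
2025-04-12 07:28:03 | kcsv variables retrieved for request: 66f94737d8af16215ca6dcdc.test
2025-04-12 07:30:00 | Role changed: johndoe@keyrunner.app → Tenant Admin, Editor
"""
ACCESS = """\
2025-04-12 08:02:55 | 103.44.55.21 | johndoe@keyrunner.app | USA | Login success
2025-04-12 08:03:12 | 103.44.55.21 | johndoe2@keyrunner.app | Brazil | Login failure
2025-04-12 08:03:20 | 103.44.55.21 | johndoe2@keyrunner.app | Brazil | Login failure
2025-04-12 08:05:01 | 198.51.100.7 | jane@example.com | USA | Login success
"""
# Assumption: role changes are written "<user> → <roles>" (ASCII "->" also accepted).
ROLE_RE = re.compile(r"Role changed:\s*(\S+)\s*(?:→|->)\s*(.+)")

def records(text, count):
    """Yield trimmed field lists for lines with exactly `count` non-empty fields."""
    for line in text.splitlines():
        parts = [p.strip() for p in line.split("|", count - 1)]
        if len(parts) == count and all(parts):
            yield parts  # malformed lines are skipped rather than guessed at

def admin_role_alerts(audit_text, watched=("tenant admin",)):
    """Return (timestamp, user, roles) for role changes granting a watched role."""
    alerts = []
    for ts, statement in records(audit_text, 2):
        m = ROLE_RE.match(statement)
        if m:
            roles = [r.strip() for r in m.group(2).split(",")]
            if any(r.lower() in watched for r in roles):
                alerts.append((ts, m.group(1), roles))
    return alerts

def access_anomalies(access_text, max_failures=2):
    """Flag IPs tied to several geos or accounts, and users at the failure threshold."""
    geos, users, failures = defaultdict(set), defaultdict(set), defaultdict(int)
    for _, ip, user, geo, action in records(access_text, 5):
        geos[ip].add(geo)
        users[ip].add(user)
        if action.lower() == "login failure":
            failures[user] += 1
    return {
        "multi_geo_ips": sorted(ip for ip, g in geos.items() if len(g) > 1),
        "shared_ips": sorted(ip for ip, u in users.items() if len(u) > 1),
        "failing_users": sorted(u for u, n in failures.items() if n >= max_failures),
    }
```

Run against exported logs, `admin_role_alerts` feeds the alert on new admin assignments and `access_anomalies` gives a first-pass view of login patterns worth a closer look.
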
Logs are a core part of KeyRunner's zero-trust foundation, ensuring every sensitive action or access path is trackable, verifiable, and accountable.