Audit Logs
Enterprise-grade audit logs in four API calls.
Stop losing deals to security questionnaires. Primatomic gives you immutable, queryable audit trails without building a pipeline.
Without Primatomic
Append rows to an activity_log table
Write custom queries for every audit report
Hope nobody truncated the table
Scramble when an auditor asks "show me all changes to X in Q3"
With Primatomic
Append structured events to an immutable log
Deploy a WASM view that materializes any report shape
S3-backed, append-only, tamper-evident by design
Query the materialized view with a time range filter
How it works
Four calls to production audit logs
Create an audit log
Create a dedicated log for each tenant or domain.
Append events at each mutation
Log structured audit events wherever your app mutates state.
Deploy a compliance view
Upload a WASM function that materializes the report shape you need.
Query for auditors
Query the view with time ranges, filters, or any parameters your auditors require.
# Create an audit log
POST /logs
-d '{"name": "tenant-acme-audit"}'
→ {"log_id": "550e8400..."}
# Append an audit event
POST /logs/$LOG_ID/append
-d '{"type": "record.updated", "actor": "user_8f3a",
"resource": "invoice_2291",
"changes": {"status": ["draft", "sent"]},
"ip": "192.168.1.42"}'
→ {"sequence": 1}
# Deploy a compliance view
POST /logs/$LOG_ID/views/compliance-report
--data-binary @compliance.wasm
→ {"view_id": "7c9e2f01..."}
# Query for Q1 audit report
POST /logs/$LOG_ID/views/compliance-report/query
?after=2025-01-01&before=2025-03-31
→ {"changes_by_resource": [...], "actions_by_actor": [...]}Why Primatomic
Immutable by default.
Events cannot be modified or deleted. Your auditors get a tamper-evident record without you building anything extra.
Any report shape, on demand.
Deploy a new WASM view to answer a new compliance question. No schema migrations, no new tables.
Read-after-write consistency.
The moment you log an event, it's queryable. No eventual consistency gaps for auditors to find.
How Primatomic compares
| Primatomic | WorkOS Audit Logs | DIY (Postgres table) | |
|---|---|---|---|
| Time to integrate | Hours | Hours (bundled with auth) | Days to weeks |
| Custom report shapes | Deploy any WASM view | Fixed schema | Build each query |
| Immutability guarantee | Append-only + S3 archive | Depends on storage | Your responsibility |
| Standalone product | Yes | Requires WorkOS auth | N/A |
| Historical replay | Built-in | No | Build it yourself |
Add audit logs today.
Start on the free tier. Ship SOC 2 compliant audit trails this week.