stealthfirems/laravel-audit-module

Auditor module for Laravel applications.

v0.2.4 2025-05-10 09:58 UTC

This package is not auto-updated.

Last update: 2025-06-19 11:48:35 UTC


README

A module to provide the ability and flexibility to easily audit events and actions that happen within your Laravel application. Designed around StealthFireMS Laravel applications

Installation

install the package via composer:

composer require stealthfirems/laravel-audit-module

run this

php artisan vendor:publish --provider="StealthFireMS\LaravelAuditModule\Providers\AuditModuleServiceProvider" --tag="AuditModule"

Once you've done this, run your migrations. This will create a table called audit_logs.

php artisan migrate

Configuration

Variables for your root.env file

Base template

AUDIT_MODULE_RETENTION=30
AUDIT_MODULE_OBFUSCATE_IP=false
AUDIT_MODULE_TABLE_NAME=audit_logs # table name

Obfuscating the IP address for compliance

You can easily obfuscate IP addresses that are submitted to the database by setting the AUDIT_MODULE_OBFUSCATE_IP variable in your .env file to true. This will strip the first two octets of an IP address, ensuring it meets various compliance laws, such as GDPR. Behind the scenes this switches the default IP address fetcher with an Obfuscated IP fetcher.

Setting the retention duration

You can define how many days your logs should be kept for by setting the AUDIT_MODULE_RETENTION in your .env file. If you want to keep all logs indefinitely, set this to 0.

Every time the audit logs are pruned, this will be recorded as an audit log itself.

Usage

There are multiple ways you can use this package. The most common way is to use the audit helper function.

Using the global audit helper

The audit helper function is an easy way to quickly log to the audits table. This function takes a string as the first argument, and an optional array (context) as the second argument. This will only work if you don't already have a global function called audit.

Example 1:

audit('login', [
    'severity' => 'info',
]);

Example 2:

audit('logout', [
    'severity' => 'info',
    'context'=> '$FailedEmailAddress',
]);

Helper Break Down:

audit('Action be performed', [
    'severity' => 'serverity of the action being logged',
    'context' => 'Extra content being stored in the log'
]);

Table Break down

$table->bigIncrements('id'); // Primary key for the log entry

$table->string('action')->index(); //Action being performed in the log

$table->string('severity')->index(); // Severity level of the log | default is 'info'

$table->longText('context')->nullable()->default(null); // Contextual information about the action

$table->string('type')->; //User or system action | System by default unless user is specified

$table->unsignedBigInteger('user_id')->index()->nullable(); // ID of the user performing the action

$table->string('guard')->nullable(); // Guard used for authentication

$table->string('ip_address'); // IP address of the user performing the action

$table->timestamp('created_at')->useCurrent(); // Timestamp of when the log was created

Binding to events

If you want to audit an event that happens within your application, you can do so by using the IsAuditableEvent interface. Coupled with AuditableEvent, this will automatically log the event to the audit log.

Here's an example of an event that utilises the IsAuditableEvent interface:

// import our contract & trait
use StealthFireMS\LaravelAuditModule\Contracts\IsAuditableEvent;
use StealthFireMS\LaravelAuditModule\Traits\AuditableEvent;

class MyCustomEvent implements IsAuditableEvent
{
    use AuditableEvent;

    public function handle()
    {
        // ToDo: your event logic.
    }
    
    // optional - by default will be handled by the AuditableEvent trait
    public function getAuditMessage(): string
    {
        return 'Action performed';
    }
    
    // optional - by default will be handled by the AuditableEvent trait
    public function getAuditContext(): array
    {
        return ['more_data' => 'Goes here'];
    }
}

Using the AuditableModel trait on Models

If you have a model that you'd like to be audited on change, you can use the AuditableModel trait. By default, this will record all creations, updates and deletions for this model to the audit log. This uses Laravel model observers to listen for changes. By default, the created_at and updated_at columns are excluded from auditing.

use Illuminate\Database\Eloquent\Model;
use StealthFireMS\LaravelAuditModule\Traits\AuditableModel;

class YourModel extends Model
{
    use AuditableModel;
    
    /**
    * An array of columns that shouldn't be audited.
    * @var array|string[] 
    */
    protected array $excludedFromAuditing = [
        'created_at',
        'updated_at',
    ];
}

Customising the AuditableModel functionality

If you'd like to expand the functionality of the AuditableModel trait, you can override its observer by configuring the observer key in the config file. This will allow you to create your own model observer.

use StealthFireMS\LaravelAuditModule\Observers\AuditableModelObserver as BaseObserver;

class AuditableObserver extends BaseObserver
{
    // your custom classes here
    // see https://laravel.com/docs/11.x/eloquent#observers for more information
}

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security-related issues use the issue tracker.

License

The MIT License (MIT). Please see License File for more information.