Audit Logging
Audit logging provides a chronological record of changes made by users within the Socotra Insurance Suite.
Users with events.read and events.list permissions can view audit log entries through the Events API.
New entries are added to the audit log whenever changes occur to entities like quotes, policies, and invoices.
Refer to our documentation on Event Definitions for a comprehensive list of events that support audit logging.
Use Cases
Benefits of audit logging include:
- Detecting security breaches
- Investigating unauthorized activity and operational issues
- Fulfilling regulatory requirements
- Supporting legal documentation
Viewing the Audit Log
Users can view a list of all audit log entries for a tenant within a time range through the Fetch Multiple Events API endpoint.
The request for this endpoint requires a tenant locator and a start timestamp and/or an end timestamp.
For example:
| Parameter | Value |
|---|---|
| tenantLocator | 01Y8FGF6FGE5JAX |
| startTimestamp | 2025-07-18T00:00:00.0Z |
| endTimestamp | 2025-07-21T00:00:00.0Z |
Users can also search by event type using the type parameter.
Limit the number of entries shown in the response using the pageSize parameter, and search by page ID using the pagingToken parameter.
For example:
| Parameter | Value |
|---|---|
| type | policy.account.create |
| pageSize | 3 |
| pagingToken | eyJW1lDWkpBNUJFSlJYUkEifQ== |
The response from the Fetch Multiple Events API endpoint contains the following fields:
Required properties
| Property | Type | Description |
|---|---|---|
locator | ulid | |
userLocator | uuid | |
requestId | ulid | Identifier of the transaction request that triggered the event |
timestamp | datetime | |
type | string | |
data | map<string, object> |