JSPM

strapi-plugin-audit-logs

1.0.0
  • License MIT

Comprehensive audit logging plugin for Strapi that tracks all user interactions and system events with a clean admin interface and automatic cleanup

Package Exports

  • strapi-plugin-audit-logs
  • strapi-plugin-audit-logs/strapi-server.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (strapi-plugin-audit-logs) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Strapi Audit Logs Plugin

A comprehensive audit logging plugin for Strapi that tracks all user interactions and system events with a clean admin interface and automatic cleanup.

Features

  • Comprehensive Logging: Track content operations, media uploads, user management, and authentication events
  • Smart Event Tracking: Automatically logs content creation, updates, deletions, publishing, and more
  • Data Security: Configurable sensitive data redaction
  • Rich Admin UI: Beautiful interface with filtering, search, and detailed log views
  • Automatic Cleanup: Configurable log retention with manual cleanup option
  • Detailed Logging: Captures user info, IP addresses, HTTP context, and operation details
  • Simple Permissions: Basic read access with super admin cleanup controls

Installation

Using NPM

npm install strapi-plugin-audit-logs

Using Yarn

yarn add strapi-plugin-audit-logs

Configuration

After installation, you need to configure the plugin in your config/plugins.js (or config/plugins.ts for TypeScript):

module.exports = {
  "audit-logs": {
    enabled: true,
    config: {
      enabled: true,
      deletion: {
        enabled: true,
        frequency: "logAge",
        options: {
          value: 90,
          interval: "day",
        },
      },
      excludeContentTypes: [
        "plugin::any-custom-type.any-custom-type",
      ],
      excludeEndpoints: [
        "/_health",
        "/admin/renew-token",
        "/api/upload",
        "/api/any-custom-type/any-custom-route",
      ],
      redactedValues: [
        "password",
        "token",
        "jwt",
        "authorization",
        "secret",
        "key",
        "private",
      ],
      events: {
        track: [
          "entry.create",
          "entry.update",
          "entry.delete",
          "entry.publish",
          "entry.unpublish",
          "media.create",
          "media.delete",
          "media-folder.create",
          "media-folder.update",
          "media-folder.delete",
          "user.create",
          "user.update",
          "user.delete",
          "admin.auth.success",
          "admin.logout",
        ],
      },
    },
  },
};

TypeScript Configuration

For TypeScript projects, create or update config/plugins.ts:

export default {
  "audit-logs": {
    enabled: true,
    config: {
      // ... same configuration as above
    },
  },
};

Setup

  1. Install the plugin using npm or yarn (see installation section above)

  2. Configure the plugin in config/plugins.js or config/plugins.ts

  3. Restart your Strapi application:

    npm run develop
    # or
    yarn develop

  4. Set up permissions in the Strapi admin panel:

    • Go to Settings → Roles
    • Edit the roles that should have access to audit logs
    • Enable "View Audit Logs" permission for the Audit Logs plugin

Configuration Options

Basic Configuration

enabled

  • Type: boolean
  • Default: true
  • Description: Enable/disable the entire plugin

deletion

Configure automatic log cleanup:

  • enabled: boolean - Enable automatic cleanup (runs daily at midnight)
  • frequency: 'logAge' | 'logCount' - Cleanup strategy
  • options:
    • For logAge: { value: 90, interval: 'day' } (delete logs older than 90 days)
    • For logCount: { value: 1000 } (keep only latest 1000 logs)

excludeEndpoints

Array of API endpoints to exclude from logging. Supports:

  • Exact matches: /api/my-custom-endpoint
  • Prefix matches: /admin/renew-token (matches /admin/renew-token/anything)
  • Wildcards: /api/upload/* (matches any endpoint starting with /api/upload/)
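
An added example (not the plugin's own code) that models the three matching rules above, so you can check which request paths an excludeEndpoints list would keep out of the audit log. The segment-boundary handling of prefixes, the query-string stripping and the names isExcluded, excludedPaths, pageExcludes and expectedInLog are assumptions; the sample paths are constructed.

```javascript
// Added example, not the plugin's source. Models the exact / prefix / wildcard
// rules described above. Assumptions: prefixes match on a path-segment boundary
// and the query string is ignored.
function isExcluded(path, patterns) {
  const clean = path.split("?")[0].replace(/\/+$/, "") || "/";
  return patterns.some((pattern) => {
    if (pattern.endsWith("/*")) {
      // Wildcard: anything below the base path, but not the base path itself.
      return clean.startsWith(pattern.slice(0, -1));
    }
    const base = pattern.replace(/\/+$/, "") || "/";
    // Exact match, or prefix match followed by "/".
    return clean === base || clean.startsWith(base + "/");
  });
}

// Paths from `paths` that the exclusion list would keep out of the audit log.
function excludedPaths(paths, patterns) {
  return paths.filter((p) => isExcluded(p, patterns));
}

// excludeEndpoints as shown in the configuration on this page.
const pageExcludes = [
  "/_health",
  "/admin/renew-token",
  "/api/upload",
  "/api/any-custom-type/any-custom-route",
];

// Constructed request paths an operator expects to find in the log.
const expectedInLog = [
  "/api/upload/files/12?populate=*",
  "/api/uploads",
  "/api/articles/5",
  "/_health/db",
];

console.log(excludedPaths(expectedInLog, pageExcludes));
```

Any path this returns is an audit gap under the modelled rules: narrow the pattern, or confirm the activity is covered by a tracked event instead.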

redactedValues

Array of field names to redact in logged data for security purposes.
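
An added example, not taken from the plugin: a recursive redaction pass over a log payload that returns the redacted copy together with the field paths it masked. Case-insensitive substring matching on field names, the "[REDACTED]" marker and all function and variable names are assumptions; the payload is constructed.

```javascript
// Added example, not the plugin's source.
// Assumption: a field is masked when its name contains a configured value,
// compared case-insensitively.
const REDACTED = "[REDACTED]"; // marker text is an assumption

// Returns [redactedCopy, maskedPaths]; the input object is not modified.
function redact(value, names, path = "", hits = []) {
  if (Array.isArray(value)) {
    return [value.map((v, i) => redact(v, names, `${path}[${i}]`, hits)[0]), hits];
  }
  if (value === null || typeof value !== "object") return [value, hits];
  const out = {};
  for (const [key, child] of Object.entries(value)) {
    const here = path ? `${path}.${key}` : key;
    if (names.some((n) => key.toLowerCase().includes(n.toLowerCase()))) {
      out[key] = REDACTED; // mask the whole subtree under a sensitive name
      hits.push(here);
    } else {
      out[key] = redact(child, names, here, hits)[0];
    }
  }
  return [out, hits];
}

// redactedValues as shown in the configuration on this page.
const pageRedactedValues = [
  "password", "token", "jwt", "authorization", "secret", "key", "private",
];

// Constructed payload resembling a logged request.
const samplePayload = {
  headers: { Authorization: "Bearer abc.def.ghi", "user-agent": "curl/8.0" },
  body: {
    email: "ana@example.com",
    password: "hunter2",
    profile: { apiKey: "k-123", keywords: ["cms"] },
  },
  sessions: [{ jwt: "x.y.z", ip: "203.0.113.7" }],
};

const [redactedPayload, maskedPaths] = redact(samplePayload, pageRedactedValues);
console.log(JSON.stringify(redactedPayload, null, 2));
console.log(maskedPaths);
```

Under this matching rule "key" also masks keywords, and a secret stored under an unlisted field name passes through unchanged, so review the masked paths against real payloads before relying on the list.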

events

Configure automatic event tracking:

  • track: string[] - Array of events to log automatically

Tracked Events

The plugin automatically tracks these system events:

Content Events

  • entry.create - Content entry created
  • entry.update - Content entry updated
  • entry.delete - Content entry deleted
  • entry.publish - Content entry published
  • entry.unpublish - Content entry unpublished

Media Events

  • media.create - Media file uploaded
  • media.delete - Media file deleted
  • media-folder.create - Media folder created
  • media-folder.update - Media folder updated
  • media-folder.delete - Media folder deleted

User Events

  • user.create - User account created
  • user.update - User account updated
  • user.delete - User account deleted

Authentication Events

  • admin.auth.success - Successful admin login
  • admin.logout - Admin logout

Usage

Accessing Audit Logs

  1. Navigate to the Strapi admin panel
  2. Look for "Audit Logs" in the main navigation menu
  3. Click to view the audit logs interface

Viewing Logs

The audit logs interface provides:

  • Table View: See all logs with action, date, user, method, status, and IP address
  • Action Filter: Dropdown to filter by specific action types
  • User Search: Text input to search by username or email
  • Pagination: Navigate through large numbers of logs
  • Details Modal: Click "View" to see full log details including JSON payload data

Log Details

Each log entry contains:

  • Action: The type of action performed (with color-coded badges)
  • Date: When the action occurred
  • User: Who performed the action (username/email)
  • Method: HTTP method used (GET, POST, PUT, DELETE)
  • Status Code: Response status code (with color coding)
  • IP Address: Client IP address
  • User Agent: Client browser/application
  • Payload Data: Full operation details in JSON format

Manual Cleanup

Super administrators can manually trigger log cleanup by clicking the "Cleanup Old Logs" button in the interface.

Permissions

The plugin uses a simplified permission system:

  • View Audit Logs: Basic access to view the audit logs page and browse logs
  • View Details: Access to detailed log information (available to all users with read access)
  • Cleanup: Manual cleanup functionality (super administrators only)

To grant access:

  1. Go to Settings → Roles
  2. Select the role to modify
  3. Under "Plugins" → "Audit Logs", enable "View Audit Logs"
  4. Cleanup functionality is automatically available to super administrators

API Endpoints

The plugin provides these API endpoints (admin authentication required):

  • GET /admin/audit-logs - List audit logs with filtering and pagination
  • GET /admin/audit-logs/:id - Get specific log details
  • GET /admin/audit-logs/count - Count total logs
  • POST /admin/audit-logs/cleanup - Trigger manual cleanup (super admin only)

Database Schema

The plugin creates an audit_logs table with these fields:

| Field           | Type        | Description                                          |
|-----------------|-------------|------------------------------------------------------|
| id              | Primary Key | Unique identifier                                    |
| action          | String      | Action performed (e.g., entry.create, media.delete)  |
| date            | DateTime    | Timestamp of the action                              |
| payload         | JSON        | Operation details and context                        |
| userId          | Integer     | User ID (if authenticated)                           |
| userDisplayName | String      | User display name                                    |
| userEmail       | String      | User email                                           |
| endpoint        | String      | API endpoint accessed                                |
| method          | String      | HTTP method (GET, POST, PUT, DELETE)                 |
| statusCode      | Integer     | HTTP response status code                            |
| ipAddress       | String      | Client IP address                                    |
| userAgent       | Text        | Client user agent string                             |

Security Considerations

  • Sensitive data is automatically redacted based on configuration
  • Logs are only accessible to users with proper permissions
  • IP addresses and user agents are logged for security auditing
  • Cleanup functionality restricted to super administrators
  • Consider log retention policies for compliance requirements
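
An added example (not part of the plugin) of detection logic run over audit_logs rows: admin logins from an IP address not seen before for that user, and bursts of delete actions by one user. The thresholds, the function names and the sample rows are constructed assumptions; only the field and action names come from this page.

```javascript
// Added example, not the plugin's source.
// Constructed sample rows; field names follow the audit_logs schema above.
const row = (action, date, userEmail, ipAddress) => ({ action, date, userEmail, ipAddress });
const sampleRows = [
  row("admin.auth.success", "2024-05-01T08:00:00Z", "ana@example.com", "198.51.100.10"),
  row("entry.update", "2024-05-01T08:05:00Z", "ana@example.com", "198.51.100.10"),
  row("admin.auth.success", "2024-05-03T02:14:00Z", "ana@example.com", "203.0.113.77"),
  row("entry.delete", "2024-05-03T02:15:05Z", "ana@example.com", "203.0.113.77"),
  row("entry.delete", "2024-05-03T02:15:20Z", "ana@example.com", "203.0.113.77"),
  row("media.delete", "2024-05-03T02:15:40Z", "ana@example.com", "203.0.113.77"),
  row("admin.auth.success", "2024-05-03T08:59:00Z", "ben@example.com", "198.51.100.22"),
  row("entry.delete", "2024-05-03T09:00:00Z", "ben@example.com", "198.51.100.22"),
];

const byDate = (rows) => [...rows].sort((a, b) => Date.parse(a.date) - Date.parse(b.date));

// Successful admin logins from an IP not previously seen for that user.
// A user's first login in the retained window only sets the baseline.
function newIpLogins(rows) {
  const seen = new Map(); // userEmail -> Set of ipAddress
  const alerts = [];
  for (const r of byDate(rows)) {
    if (r.action !== "admin.auth.success") continue;
    const ips = seen.get(r.userEmail) ?? new Set();
    if (ips.size > 0 && !ips.has(r.ipAddress)) alerts.push(r);
    seen.set(r.userEmail, ips.add(r.ipAddress));
  }
  return alerts;
}

// Users with at least `limit` *.delete actions inside a sliding time window.
function deleteBursts(rows, limit = 3, windowMs = 60_000) {
  const recent = new Map(); // userEmail -> timestamps still inside the window
  const flagged = new Set();
  for (const r of byDate(rows)) {
    if (!r.action.endsWith(".delete")) continue;
    const t = Date.parse(r.date);
    const times = (recent.get(r.userEmail) ?? []).filter((x) => t - x < windowMs);
    times.push(t);
    recent.set(r.userEmail, times);
    if (times.length >= limit) flagged.add(r.userEmail);
  }
  return [...flagged];
}

console.log(newIpLogins(sampleRows), deleteBursts(sampleRows));
```

The new-IP baseline only reaches back as far as the retained logs, so a short deletion window makes more logins look new.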

Troubleshooting

Plugin Not Appearing

  1. Ensure the plugin is enabled in config/plugins.js
  2. Restart Strapi after configuration changes
  3. Check that your user role has the "View Audit Logs" permission

No Logs Being Created

  1. Verify enabled: true in plugin configuration
  2. Check that the events you want to track are in the events.track array
  3. Restart Strapi after configuration changes
  4. Look for error messages in Strapi logs

Performance Issues

  1. Reduce the number of tracked events in configuration
  2. Decrease log retention period for faster cleanup

Compatibility

  • Strapi: 4.x
  • Node.js: 18.x, 20.x
  • Database: PostgreSQL, MySQL/MariaDB, SQLite
  • Operating System: Windows, macOS, Linux

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

This plugin was inspired by Strapi Enterprise Edition's audit logs feature and the community plugin by Marje3PSUT.

Support

If you encounter any issues or have questions:

  1. Check the troubleshooting section
  2. Search existing GitHub issues
  3. Create a new issue if needed