MarketHub
Audit Log
The audit log provides an immutable, searchable record of every admin action taken on the marketplace — ensuring full non-repudiability and supporting governance, compliance, and incident investigation.
What Is Logged
Every state-changing admin action creates an audit log entry. Log entries cannot be deleted or edited — they are append-only.
| Action Category | Example Events |
|---|---|
| Package Management | Package approved, Package rejected, Package delisted, Package featured, Package unfeatured |
| Review Moderation | Review removed, Review flag dismissed, Review warning issued |
| Rules Management | Forbidden pattern added, Category created, Submission requirement changed |
| Rewards | Points awarded, Badge granted, Tier promoted, Bulk reward applied, Award approved (dual-approval) |
| Publisher Actions | Publisher account suspended, Publisher warning issued |
| Issue Management | Issue resolved, Issue escalated, Issue closed |
Audit Log Entry Fields
| Field | Description |
|---|---|
| Timestamp | UTC timestamp of the action — millisecond precision |
| Admin User | Username and display name of the admin who performed the action |
| Action Type | Categorized action code (e.g., PACKAGE_APPROVED, REVIEW_REMOVED) |
| Target Entity | Package ID, Publisher ID, Review ID, or other entity affected |
| Before State | Snapshot of the entity state before the action (JSON) |
| After State | Snapshot of the entity state after the action (JSON) |
| Reason / Notes | Admin-provided justification text (required for destructive actions) |
| IP Address | Source IP of the admin session — for security investigation |
Search and Filter
The audit log supports filtering by:
- Date range — Any custom range; defaults to last 7 days
- Admin user — Filter to see all actions by a specific admin
- Action type — Multi-select from the action type list
- Entity — Search by Package ID, Publisher ID, or Publisher name
Immutability guarantee
Audit log entries cannot be modified or deleted — even by super-admins. The log is stored in an append-only data store. Any attempt to modify log entries is itself logged as a security event and triggers an alert to the platform operator.