Audit Logging

Options

Name	Default	Description	Type	Since
enabled	false	If true, audit logging is enabled for all APIs. APIs can be explicitly disabled in the API configuration. Audit logging is globally disabled if false.	boolean	4.8
retries	3	Indicates how often the write process should be retried on errors. Should be set to 0 if no retries are desired. If writing fails after the specified number of retries, the log entry will be written to the application log.	number	4.8
pathPrefix	{api}/{date}	Specifies the path to prepend to the log file. {api} and {date} are replaced with the API ID and the request's ISO date, respectively. For example, log files for {api}/foo/{date}/bar would be stored at resources/logs/audit/vineyards/foo/2026-06-03/bar.	string	4.8
type	JSON	Specifies the format in which logs are stored. Currently supported: JSON and JSON_PRETTY (formatted JSON).	string	4.8
headers	included: [ '*' ], excluded: []	The included list specifies which headers should be logged. The excluded list specifies which headers from included should not be logged. The special value * can be used for both lists and covers all headers. If excluded: [ '*' ], no headers are logged.	object	4.8
claims	included: [], excluded: []	Specifies which claims from the token should be logged and which should explicitly not be logged. Uses the same included/excluded logic as headers.	object	4.8
httpStatus	included: [ '200' ], excluded: []	Specifies for which HTTP status codes requests should be logged and which should explicitly not be logged. Uses the same included/excluded logic as headers.	object	4.8

Storage

The log entries are stored in the resource store in the logs/audit directory. The file name matches the request id from the application log.

Example

auditLog:
 enabled: true
 retries: 3
 type: JSON_PRETTY
 pathPrefix: "mysubdirectory/{api}/{date}"
 headers:
   included: [ "*" ]
   excluded: [ "Accept" ]
 claims:
   included: [ "*" ]
   excluded: [ ]
 httpStatus:
   included: [ "200" ]
   excluded: [ ]