tsitsishvili / elastic-audit
Laravel package that logs third-party HTTP traffic (outgoing requests and incoming callbacks) and actor/model activity to a dedicated Elasticsearch cluster, with redaction, queued indexing, sampling, and optional dashboards.
Requires
- php: ^8.2
- elasticsearch/elasticsearch: ^8.5 || ^9.0
- guzzlehttp/psr7: ^2.0
- laravel/framework: ^12.0 || ^13.0
Requires (Dev)
- orchestra/testbench: ^10.0 || ^11.0
- phpunit/phpunit: ^10.0 || ^11.0 || ^12.0
README
Laravel package that logs third-party HTTP traffic and actor/model activity to a dedicated Elasticsearch cluster.
Elastic Audit is intended for internal applications that need a consistent audit/debug trail for provider calls, callbacks, latency, status codes, entity context, sanitized payload previews, and domain activity. The package has two independent subsystems that share one Elasticsearch connection:
- Audit logs / HTTP logs — outgoing third-party requests and incoming callbacks through the
HttpLogfacade and HTTP middleware. - Activity logs — actor actions and Eloquent model changes through the
ActivityLogfacade andActivityLoggabletrait.
Each subsystem has its own config, Elasticsearch index/aliases, queue, console commands, and optional dashboard, so an application can enable only what it needs.
Guides
- Audit Logs Guide — third-party HTTP request/callback logging, redaction, sampling, dashboards, and Elasticsearch queries.
- Activity Logs Guide — actor/entity activity logging, automatic Eloquent change capture, and the activity dashboard.
Screenshots
Quick Start
-
Add the package repository to the consuming application's
composer.json(see Installation). -
Install the package:
composer require tsitsishvili/elastic-audit
-
Publish config files and enum stubs (see Publish Configuration):
php artisan vendor:publish --tag=elastic-audit
-
Configure Elasticsearch and enable the subsystem you need in
.env(see Environment Variables and Register Application Enums). -
Install the lifecycle policy, then create the Elasticsearch indices and aliases (HTTP · Activity):
php artisan elastic-audit:lifecycle-policy php artisan http-logs:create-index php artisan activity-logs:create-index
-
Run a queue worker for the configured logs queue (see Queues):
php artisan queue:work --queue=default
For usage, see logging outgoing requests, logging incoming callbacks, and recording activity.
Requirements
- PHP
^8.2 - Laravel
^12.0 || ^13.0 - Elasticsearch PHP client
^8.5 || ^9.0 - A queue worker, because logs are indexed through queued jobs
Project Documents
Internal Versioning
Use Git tags as Composer versions.
git tag v1.0.0 git push origin v1.0.0
Recommended policy:
- Patch: bug fixes only, for example
v1.0.1 - Minor: backward-compatible features, for example
v1.1.0 - Major: breaking config, contract, class, or behavior changes, for example
v2.0.0
Applications should depend on stable tags:
{
"require": {
"tsitsishvili/elastic-audit": "^3.0"
}
}
Avoid using dev-main in production applications.

