Skip to main content
Audit logs are currently available in private preview. Contact your Orb representative to enable this feature for your account.
Audit logs provide a comprehensive record of actions taken within your Orb account, helping you maintain security compliance, investigate incidents, and meet regulatory requirements.

What audit logs capture

Each audit log entry records detailed information about an action performed in Orb:
FieldDescription
ActionThe specific operation performed (e.g., customer.created, subscription.cancelled)
Occurred atTimestamp of when the action took place
ActorWho performed the action, including their type (e.g., api_key, user) and identifier
TargetsThe resources affected by the action (e.g., customer ID, subscription ID)
ContextRequest metadata including IP address and user agent
EnvironmentWhether the action occurred in live mode or test mode

Tracked actions

Audit logs are generated for:
  • Authentication events: User logins and provisioning events
  • Write operations: Create, update, and delete actions across core Orb resources including customers, subscriptions, invoices, plans, and metrics

Sample audit log event

{
  "action": "subscription.cancelled",
  "occurred_at": "2025-01-15T14:30:00Z",
  "actor": {
    "type": "api_key",
    "id": "api_key_12345",
    "name": "Production API Key"
  },
  "targets": [
    {
      "type": "subscription",
      "id": "sub_abc123"
    }
  ],
  "context": {
    "location": "192.0.2.1",
    "user_agent": "orb-python/1.0.0"
  },
  "metadata": {
    "account_id": "acct_xyz789",
    "environment": "live"
  }
}

Data privacy

Audit logs capture metadata about actions, not the content of those actions. Specifically, API request and response bodies are not included in audit log entries. This ensures sensitive customer data remains protected while still providing a complete audit trail of operations.

SIEM integration

Audit logs can be streamed in real-time to your Security Information and Event Management (SIEM) provider of choice. This allows you to:
  • Centralize security monitoring across all your systems
  • Set up alerts for suspicious activity
  • Correlate Orb events with other security data
  • Meet compliance requirements for log aggregation
Contact your Orb representative to configure streaming to your SIEM provider.

Retention

Audit log retention is configurable based on your compliance and operational needs. Work with your Orb representative to set up a retention policy that meets your requirements.