Skip to main content

HMAC-chained audit log

Tamper-evident. Even against DBAs.

Every privileged action writes an audit row. Per-row HMAC-SHA256 signed by the server secret; v3 canonical adds prev_row_hmac so consecutive rows form a chain. Deleting any row breaks the next row's anchor, detected by verify_chain.

Preview
z4j dashboard — HMAC-chained audit log
Audit log HMAC-chained · tamper-evident Chain verified · 12,483 rows 14:32:18 alice@... task.retry email.send_welcome hmac ✓ 14:30:05 bob@... queue.purge dead-letter.failed hmac ✓ 14:28:41 alice@... schedule.create daily-digest hmac ✓ 14:25:12 system auth.login_failed 10.0.12.5 hmac ✓ 14:22:38 bob@... membership.role_changed carlos@... → admin hmac ✓ 14:19:14 alice@... agent.token_minted web-prod-01 hmac ✓

Mockup of the dashboard view for this feature. Live-reloading and themed to match your dashboard.

Ships with

  • Per-row HMAC (tamper-evident against modification)
  • Chain anchor (tamper-evident against deletion)
  • verify_chain walker for offline audit
  • Row id folded into HMAC input (prevents row cloning)
Related

More capabilities

Unified action surface

One button set. Every engine.

Learn more

Stuck-task reconciliation

Tasks started forever. Fixed, automatically.

Learn more

Historical trends

Success rate, failure rate, throughput over time.

Learn more

Ready to try z4j?

Install z4j Feature docs