Logging & Observability

Audit Log Feature

Zuplo has a built-in auditing feature that can write output to a selection of data sinks.

If enabled, the Audit Log feature logs full details of

The request including URL, headers (optional), and full body (optional)
The response including status, headers (optional) and full body (optional)

These can then be written to a configured Audit Log Output Provider of your choosing, like AstraDB by DataStax. Contact support@zuplo.com to request a new provider.

While you can use it on any tier in working-copy, the Audit Log capability is an enterprise feature. Contact us to have Audit Logging enabled for your enterprise deployment. Pricing

Configuring Audit Log

Audit Logging is enabled via a plugin that's registered in the zuplo.runtime.ts runtime extensions module; learn more about runtime extensions. The following example configures Audit Log to write to a DataStax Astra DB collection.

Note you must provide the full URL to the collection, for example https://<id-and-region>.apps.astra.datastax.com/api/rest/v2/namespaces/<namespace>/collections/<collection>


Code
import {
  AuditLogDataStaxProvider,
  AuditLogPlugin,
  RuntimeExtensions,
} from "@zuplo/runtime";

export function runtimeInit(runtime: RuntimeExtensions) {
  runtime.addPlugin(
    new AuditLogPlugin(
      new AuditLogDataStaxProvider({
        url: "THE_FULL_URL_TO_YOUR_COLLECTION_HERE",
        xCassandraToken: "YOUR_API_KEY_HERE",
      }),
      {
        include: {
          request: {
            body: false,
          },
          response: {
            headers: false,
          },
        },
      },
    ),
  );
}

Note the use of options to disable capture of the full request body and full response headers.

This feature logs API request and response data. For account-level activity tracking (project changes, team management, deployments), see Account Audit Logs.

Edit this page

Last modified on March 23, 2026

Console Logging RequestUser

Configuring Audit Log

Note you must provide the full URL to the collection, for example https://<id-and-region>.apps.astra.datastax.com/api/rest/v2/namespaces/<namespace>/collections/<collection>

Code

import {
  AuditLogDataStaxProvider,
  AuditLogPlugin,
  RuntimeExtensions,
} from "@zuplo/runtime";

export function runtimeInit(runtime: RuntimeExtensions) {
  runtime.addPlugin(
    new AuditLogPlugin(
      new AuditLogDataStaxProvider({
        url: "THE_FULL_URL_TO_YOUR_COLLECTION_HERE",
        xCassandraToken: "YOUR_API_KEY_HERE",
      }),
      {
        include: {
          request: {
            body: false,
          },
          response: {
            headers: false,
          },
        },
      },
    ),
  );
}

Note the use of options to disable capture of the full request body and full response headers.

This feature logs API request and response data. For account-level activity tracking (project changes, team management, deployments), see Account Audit Logs.

Edit this page

Last modified on March 23, 2026