generated from coulomb/repo-seed
1.2 KiB
1.2 KiB
Pattern: Tenant Audit Log View
Status: seed Readiness target: RL4 regulated production Primary owners: product repos, NetKingdom, Railiance platform Genesis family: Detection and response
Problem
Enterprise tenants need visibility into relevant security events without being exposed to platform-only internals or other tenants' data.
Context
Use this pattern for tenant admin portals, compliance exports, data access events, privileged tenant actions, and platform actions that affect a tenant.
Forces
- Tenants need trust and accountability.
- Platform logs may contain sensitive internal details.
- Event redaction must preserve evidence value.
- Tenant exports require retention and integrity rules.
Solution
Project central audit events into tenant-scoped views with explicit visibility rules, redaction, retention, export controls, and access authorization.
Verification
- Tenants can see their own relevant events only.
- Platform-only fields are redacted or omitted.
- Tenant audit access is itself audited.
- Exports preserve integrity and retention rules.
Related Patterns
- Central Audit Ledger.
- Security Event Taxonomy.
- Tenant Context Propagation.
- Object-Level Authorization Check.