Patterns

Audit Log

An audit log is an append-only table that records every meaningful write to your database. Each row carries: the user, the connection, the table, the primary key, the verb (insert / update / delete), the HTTP status, and ideally a snapshot of the row before and after the change.

Why bother: when something goes wrong, you want to answer "who or what changed this, when, and what did it look like before?" without spelunking application logs. For AI-paired teams, the audit log is also how you know whether a change was human-initiated or agent- initiated.

2026 best practice: the audit log lives in Postgres next to the business data. Writes go through a single helper that captures the row. RLS is on; only the owner can read their entries. For compliance-tagged workloads, retain the log indefinitely; for operational use, 90 days is usually enough.

Read further

ArticleWhen AI shouldn't write directly
ArticleAI-assisted database admin