Inside Story: Audit & Events Tracking Feature With Our Customer Feedback

The Need for an Audit & Events Tracking Feature

The idea of this feature

Initially coming from customers feedbacks, the Audit & Events Tracking feature is designed to provide users with complete visibility of all changes made to their deployments and settings. At present, there's no simple way to know exactly what happened within an organization. There's no information on what parameter has been changed and when, who created an environment, or who triggered a deployment. Having a clear timeline of the events that happened in the organization (from a setting and deployment point of view) will empower internal and external users and simplify debugging in case of an issue.

The objective

Our goal is to provide an access to a timeline of events that happened in your Qovery organization and finally answer the question "who did what and when." We already have the Deployment History section, but it's not enough to have a complete view. We wanted to provide an audit log view where users could see what happened in their organization, when, and who did it, but before starting with the development of the feature, we sought the input of our customers to ensure that their needs and preferences were taken into account.

The Process

Before proceeding with the solution, we asked several questions on our Forum to gather insights from customers, including:

• Which information would you like to see within this audit timeline screen? would you like to have both the deployments AND the settings changes or you prefer to have them split into two different sections?
• How would you like to analyze the data within it: would you like to filter the data? export it in a particular format? any particular use case we should cover?
• What would be the ideal data retention? We can’t store those events forever and we would like to know if you have any constraints on your side.

Customers provided valuable insights on what they would like to see in the audit timeline screen, such as filtering by type (e.g., deployments, clusters, variables), filtering by date range (e.g., today, custom from-to), filtering by user, or the possibility to export to CSV based on the filter.

The Final Solution

After gathering valuable insights from our customers, we were finally able to move forward with this topic. The idea is to provide a complete timeline of anything that happened in your organization, including setting updates and deployments. In the Figma below you can find what the feature will look like:

As you can see, any change will be tracked together with the user or API token that did the change and the "tool" used (Qovery Terraform provider, Qovery Console, Git push on the repo, etc.).

In the first iteration, if an update is sent on a resource, we will not provide the "delta" directly, but instead, users will find the entire status of the resource after its modification. If users need to compute a delta, they will have to filter the audit log and compare the resource status between two events. We will add this automatic "delta" feature in a second iteration.

Conclusion

If you are exited as well about this feature, you can follow its progress on our Public Roadmap! At Qovery, we believe in building features with our customers, and we're excited to continue working with them to continue building the future of the cloud.