Audit everything. Who did what and when.
An append-only audit log of every event and every change. Each entry captures the actor, the timestamp, and any JSON detail you attach — enough to reconstruct prior state, attribute responsibility, or replay history. Query the events in your own app, in the smplkit console, or stream them to any HTTP destination.
Stream to your SIEM. Any HTTP-reachable destination.
01
API-first, both directions
One POST endpoint to record events, one GET endpoint to fetch them, and six SDKs to do both. Pull change history into your own application — show users what changed and when, build your own audit dashboards, or feed events into your own pipelines.
02
Forensic detail in every audit log entry
Every entry captures the actor, the resource, the timestamp, and any JSON detail you supply — including full state snapshots when you need to reconstruct prior values. Filter by actor, resource type, action, or time range. Append-only and immutable — no event is ever modified after it lands.
03
Stream to your SIEM
Forward events to any HTTP-reachable destination — Datadog, Splunk HEC, Sumo Logic, New Relic, Honeycomb, or your own pipeline. Optional JSONata transforms for the destination's expected shape, optional JSON Logic filters to control which events flow.
How Smpl Audit stacks up
Most embedded audit-log products are metered per event, per organization, or per SIEM connection, with multiple line items required to cover retention, streaming, and SDKs. Smpl Audit's plans bundle everything — events, retention, six SDKs, and full SIEM streaming — into one monthly fee.
Each ✓ indicates the feature is available from that vendor at some tier. Cells naming a specific tier indicate the feature is gated to that tier or higher. Prices show all of the vendor's published tiers.
— not documented publicly.
| Frontegg Audit Logs | Pangea Secure Audit Log | WorkOS Audit Logs | Smpl Audit™ | |
|---|---|---|---|---|
| REST API for emitting events | ✓ | ✓ | ✓ | ✓ |
| Append-only / immutable storage | ✓ | ✓ | ✓ | ✓ |
| In-product audit log viewer | ✓ | ✓ | ✓ | ✓ |
| Configurable retention beyond plan default | ✓ | ✓ | ✓ | ✓ |
| CSV bulk export | ✓ | ✓ | ✓ | ✓ |
| Google & Microsoft SSO | ✓ | ✓4 | UNCLEAR | ✓ |
| Custom SAML / OIDC SSO | ✓ | UNCLEAR | UNCLEAR | ✓ |
| Attach arbitrary JSON to any event | UNCLEAR | ✓ | ✓ | ✓ |
| Forward events to any HTTP destination (webhooks) | ✓ | ✓ | ✓ | |
| Query API with filters (actor, action, resource, time) | ✓ | ✓ | ✓ | |
| Idempotency keys | ✓ | ✓ | ||
| JSON bulk export | ✓ | ✓ | ||
| CLI | ✓ | ✓ | ||
| JSON Logic–based search (nested AND/OR) | ✓ | |||
| Terraform provider | ✓ | |||
| Customer events / month included | UNCLEAR | Pay-as-you-go2 | Metered1 | 1K / 100K / 1M / 10M |
| Retention period included | UNCLEAR | Configurable2 | 30 days1 | 30 days / 1 year / 5 years / 10 years |
| API requests | Rate-limited5 | Pay-as-you-go2 | Metered1 | Unlimited |
| — SIEM Streaming (out-of-the-box connectors) — | ||||
| Datadog | ✓ | ✓ | ✓ | |
| Elastic | ✓ | |||
| Honeycomb | ✓ | |||
| New Relic | ✓ | |||
| Splunk HEC | ✓ | ✓ | ✓ | ✓ |
| Sumo Logic | ✓ | ✓ | ||
| Any reachable HTTP destination | ✓ | ✓ | ✓ | |
| — SDKs — | ||||
| C# / .NET | ✓ | ✓ | ✓ | |
| Go | ✓ | ✓ | ✓ | |
| Java | ✓ | ✓ | ✓ | |
| Python | ✓ | ✓ | ✓ | ✓ |
| Ruby | ✓ | ✓ | ||
| TypeScript / Node.js | ✓ | ✓ | ✓ | ✓ |
| Monthly price | Contact sales3 | Pay-as-you-go2 | $99 + $125/SIEM1 | Free / $49 / $99 / $249 |
- ↩ WorkOS Audit Logs is billed at approximately $99/month per million events stored, plus $125/month per SIEM stream connection. Default retention is 30 days; longer retention is configurable at additional cost.
- ↩ Pangea Secure Audit Log (now part of CrowdStrike) uses pay-as-you-go pricing metered separately across ingestion, search, retention, and export. Retention is tiered and configurable: hot ≤14 days, warm ≤10 years, cold ≤10 years.
- ↩ Frontegg has consolidated public pricing to PAYG + Enterprise; audit logs and log streaming are gated to Enterprise (custom pricing). Verified May 2026.
- ↩ Google and GitHub social SSO; Microsoft Entra is provided via Pangea's separate AuthN product, not native Secure Audit Log console login.
- ↩ Frontegg rate-limits the API to 100 requests/min per IP on the entry plan and 1,000 requests/min per IP on Scale / Enterprise.