Audit everything. Who did what and when.
An append-only record of every event and every change. Each entry captures the actor, the timestamp, and any JSON detail you attach — enough to reconstruct prior state, attribute responsibility, or replay history. Query the events in your own app, in the smplkit console, or stream them to any HTTP destination.
Stream to your SIEM. Any HTTP-reachable destination.
01
API-first, both directions
One POST endpoint to record events, one GET endpoint to fetch them, and six SDKs to do both. Pull change history into your own application — show users what changed and when, build your own audit dashboards, or feed events into your own pipelines.
02
Forensic detail in every event
Every entry captures the actor, the resource, the timestamp, and any JSON detail you supply — including full state snapshots when you need to reconstruct prior values. Filter by actor, resource type, action, or time range. Append-only and immutable — no event is ever modified after it lands.
03
Stream to your SIEM
Forward events to any HTTP-reachable destination — Datadog, Splunk HEC, Sumo Logic, New Relic, Honeycomb, or your own pipeline. Optional JSONata transforms for the destination's expected shape, optional JSON Logic filters to control which events flow.
How Smpl Audit stacks up
Most embedded audit-log products are metered per event, per organization, or per SIEM connection, with multiple line items required to cover retention, streaming, and SDKs. Smpl Audit's plans bundle everything — events, retention, six SDKs, and full SIEM streaming — into one monthly fee.
| Smpl | |||||||
|---|---|---|---|---|---|---|---|
| Frontegg Audit Logs | Pangea Secure Audit Log | WorkOS Audit Logs | Free | Standard | Pro | Enterprise | |
| REST API for emitting events | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Append-only / immutable storage | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Customer-supplied event timestamp | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Query API with filters (actor, action, resource, time) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Free-text search across event payload | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| In-product audit log viewer | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| CSV export | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Bulk JSON export | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Generic HTTP POST forwarding (any endpoint) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Splunk HEC (first-class connector) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Datadog (first-class connector) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Configurable retention beyond plan default | ✓ | ✓ | ✓ | ✓2 | ✓2 | ✓2 | ✓2 |
| Full before/after snapshots on the event | ✓1 | ✓1 | ✓ | ✓ | ✓ | ✓ | |
| Idempotency keys | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Amazon S3 archival (first-class connector) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Webhook delivery of change events | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Customer events per month included | Contact sales5 | Metered4 | Metered3 | 1,000 | 100,000 | 1,000,000 | 10,000,000 |
| Retention period included | Contact sales5 | 14 days hot / configurable warm4 | 30 days3 | 30 days | 1 year | 5 years | 10 years |
| SIEM streaming | ✓ | ✓ | ✓ | ||||
| Terraform provider | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| — SDKs — | |||||||
| Python | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| TypeScript / Node.js | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Java | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Go | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| C# / .NET | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Ruby | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Monthly price | Contact sales5 | Pay-as-you-go4 | $99 + $125/SIEM3 | Free | $49 | $99 | $249 |
- ↩ WorkOS and Pangea both let customers attach arbitrary metadata to events; full pre/post state is a customer-side convention. Smpl Audit captures the post-save snapshot automatically for every smplkit resource and exposes the same shape to customer events.
- ↩ Smpl Audit's plan retention period is a default, not a hard cap. Customers requiring longer retention can contact smplkit support to extend the cap on their existing plan; extensions are fulfilled manually.
- ↩ WorkOS Audit Logs is currently priced at approximately $99/month per million events stored, plus $125/month per SIEM stream connection. Default retention is 30 days; longer retention is configurable per organization at additional cost.
- ↩ Pangea Secure Audit Log (now part of CrowdStrike) uses pay-as-you-go pricing with a $5/month free credit, billing on log ingestion, search, retention, and export separately. Hot tier is searchable for up to 14 days; warm tier extends to 10 years; cold tier archives to 10 years and requires an export request to retrieve.
- ↩ Frontegg's audit logs are gated to the Growth tier of their CIAM platform; pricing requires sales contact. SDK coverage and SIEM integrations are inherited from the broader Frontegg platform rather than being audit-specific.