Audit Log Reference

This reference is for architects, security reviewers, compliance teams, and SREs who need to understand exactly what TeaQL records at each audit level. TeaQL uses a zero-code, environment-variable-driven audit configuration model, so teams can change audit output without changing application code.

For the core audit surfaces, including entity mutation audit and tool-module audit, this page shows:

  1. Code examples — how application code calls the runtime API
  2. Configuration — how audit output is controlled with environment variables
  3. Log samples — the exact output shape for each audit level

All log samples are generated by framework tests at runtime. They are not hand-written mock logs.


Entity Audit

Scope: TEAQL_AUDIT | Production default: _full

Code Example

let mut task = Q::tasks()
    .with_id_is(8)
    .comment("Get specific task for transition")
    .purpose("Move task to executing")
    .execute_for_one(&ctx)
    .await?
    .expect("Task not found");

task.update_status_id(1002);
task.audit_as("Move 'Review Launch Criteria' READY => EXECUTING").save(&ctx).await?;

Zero-Code Configuration

# Production default: emit full entity change details.
TEAQL_AUDIT=_full

# Performance-sensitive mode: emit summary records only.
TEAQL_AUDIT=_summary

# CI/CD: disable entity audit output.
TEAQL_AUDIT=_silent

Log Output From Real Tests

Silent — no output

Summary:

[2026-06-04 02:43:52.942] - [philip] - [AUDIT] Entity [Task(8)] UPDATED.

Full:

[2026-06-04 02:43:52.942] - [philip] - [AUDIT] Entity [Task(8)] UPDATED. [DOMAIN: Move 'Review Launch Criteria' READY => EXECUTING]
[2026-06-04 02:43:52.942] - [philip] - [AUDIT] -> Field [status]: READY -> EXECUTING
[2026-06-04 02:43:52.942] - [philip] - [AUDIT] ------------------------------------------------------------
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] Entity [TaskExecutionLog(36)] CREATED. [DOMAIN: Move 'Review Launch Criteria' READY => EXECUTING -> Generate execution log for action 'STATUS_CHANGED']
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] -> Field [action]: NULL -> 'STATUS_CHANGED'
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] -> Field [detail]: NULL -> 'Status changed from READY to EXECUTING.'
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] -> Field [id]: NULL -> 36
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] -> Field [task_id]: NULL -> 8
[2026-06-04 02:43:52.952] - [philip] - [AUDIT] -> Field [version]: NULL -> 1

TeaQL can capture cascading domain events automatically. In the example above, changing the Task status also creates a TaskExecutionLog, and the trace chain is preserved in the audit output.


Log Field Model

Each audit record follows a common structure:

[timestamp] | [trace id] | [user identity] | [module] | [operation] | [elapsed] | [status]
Intent: [business intent from .comment()] # Full and above
[module-specific field]: [value] # Full and above

| Level | Content | Typical use |
| --- | --- | --- |
| Silent | No output | CI tests and pure compute modules |
| Summary | Skeleton fields: module, operation, elapsed time, status | Monitoring and trend analysis |
| Full | Skeleton plus intent and module-specific details | Production compliance audit |
| FullWithPayload | Full plus truncated request or response payload | Deep debugging and financial-grade audit |

HTTP Module

Module identifier: Module::Http | Production default: AuditLevel::Full

Code Example

let data = ctx.http().get("https://api.partner.com/v2/rates?base=USD")
    .comment("Fetch exchange rates for settlement")
    .await?;

Zero-Code Configuration

# Production default: full audit for tool modules.
TEAQL_TOOL=_full

# Switch tool audit to summary mode.
TEAQL_TOOL=_summary

# Focus on a specific tool module.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=http

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | HTTP | GET | 127ms | 200 OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | HTTP | GET | 127ms | 200 OK
Intent: Fetch exchange rates for settlement
URL: https://api.partner.com/v2/rates?base=USD

FullWithPayload:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | HTTP | GET | 127ms | 200 OK
Intent: Fetch exchange rates for settlement
URL: https://api.partner.com/v2/rates?base=USD
Response: {"USD":1.0,"EUR":0.92,"CNY":7.24}

File Module

Module identifier: Module::File | Production default: AuditLevel::Full

Code Example

let key = ctx.file().read("/etc/teaql/tenants/1024/secret.pem")
    .comment("Load tenant-specific encryption key")
    .await?;

Zero-Code Configuration

# Global tool audit defaults to full output.
TEAQL_TOOL=_full

# Focus debugging on File and HTTP.
TEAQL_TOOL=_summary TEAQL_TOOL_FOCUS=file,http

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | FILE | READ | 3ms | OK 2048B

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | FILE | READ | 3ms | OK 2048B
Intent: Load tenant-specific encryption key
Path: /etc/teaql/tenants/1024/secret.pem

FullWithPayload:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | FILE | READ | 3ms | OK 2048B
Intent: Load tenant-specific encryption key
Path: /etc/teaql/tenants/1024/secret.pem
Content: [binary 2048 bytes]

Command Module

Module identifier: Module::Cmd | Production default: AuditLevel::Full

Code Example

let output = ctx.cmd().run("wkhtmltopdf /tmp/invoice.html /tmp/invoice.pdf")
    .comment("Generate PDF invoice via wkhtmltopdf")
    .await?;

Zero-Code Configuration

# System command execution should normally stay at Full.
TEAQL_TOOL=_full

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CMD | exec | 1200ms | Exit(0)

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CMD | exec | 1200ms | Exit(0)
Intent: Generate PDF invoice via wkhtmltopdf
Command: wkhtmltopdf /tmp/invoice.html /tmp/invoice.pdf

FullWithPayload:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CMD | exec | 1200ms | Exit(0)
Intent: Generate PDF invoice via wkhtmltopdf
Command: wkhtmltopdf /tmp/invoice.html /tmp/invoice.pdf
Stdout: Loading page (1/2)
Printing pages (2/2)
Done
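
The record layout from the Log Field Model, applied to the samples above, including the multi-line Stdout case. This is an added example, not TeaQL's own code; `AuditRecord`, `parse_records` and `SAMPLE` are hypothetical names, and the continuation-line rule is an assumption based on the FullWithPayload sample.

```rust
// Added example; type and function names are hypothetical, not TeaQL's API.
#[derive(Debug)]
pub struct AuditRecord {
    pub timestamp: String, pub trace_id: String, pub user: String,
    pub module: String, pub operation: String, pub elapsed: String,
    pub status: String,
    pub details: Vec<(String, String)>, // e.g. ("Intent", ...), ("Stdout", ...)
}

// Two records copied from the FILE Summary and CMD FullWithPayload samples.
pub const SAMPLE: &str = "\
2026-06-04T09:15:00Z | a1b2c3d4 | philip | FILE | READ | 3ms | OK 2048B
2026-06-04T09:15:00Z | a1b2c3d4 | philip | CMD | exec | 1200ms | Exit(0)
Intent: Generate PDF invoice via wkhtmltopdf
Command: wkhtmltopdf /tmp/invoice.html /tmp/invoice.pdf
Stdout: Loading page (1/2)
Printing pages (2/2)
Done
";

// Seven " | "-separated fields start a record; "Key: value" attaches a detail;
// any other line continues the previous detail (assumed multi-line Stdout rule).
pub fn parse_records(log: &str) -> Vec<AuditRecord> {
    let mut out: Vec<AuditRecord> = Vec::new();
    for line in log.lines().filter(|l| !l.trim().is_empty()) {
        let f: Vec<&str> = line.split(" | ").collect();
        if f.len() == 7 {
            out.push(AuditRecord {
                timestamp: f[0].into(), trace_id: f[1].into(), user: f[2].into(),
                module: f[3].into(), operation: f[4].into(), elapsed: f[5].into(),
                status: f[6].into(), details: Vec::new(),
            });
            continue;
        }
        let Some(rec) = out.last_mut() else { continue }; // no header seen yet
        match line.split_once(": ") {
            Some((k, v)) if !k.contains(' ') => rec.details.push((k.into(), v.into())),
            _ => if let Some((_, v)) = rec.details.last_mut() {
                v.push('\n');
                v.push_str(line);
            },
        }
    }
    out
}

fn main() {
    for r in parse_records(SAMPLE) { println!("{} {} {:?}", r.module, r.status, r.details); }
}
```

This parser treats any line with seven ` | `-separated fields as a header, so a payload line of that shape would be read as a new record; validate the timestamp and module fields before trusting record boundaries in FullWithPayload output.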

Time Module

Module identifier: Module::Time | Production default: AuditLevel::Silent

Code Example

let deadline = ctx.time().today().add_days(7)
    .comment("Calculate 7-day grace period for overdue payment");

Zero-Code Configuration

# Enable full audit for Time, which is filtered by default.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=time

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | TIME | today.add_days(7) | 0ms | OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | TIME | today.add_days(7) | 0ms | OK
Intent: Calculate 7-day grace period for overdue payment
Timezone: Asia/Shanghai
Result: 2026-06-11

ID Module

Module identifier: Module::Id | Production default: AuditLevel::Silent

Code Example

let trace_id = ctx.id().uuid_v7()
    .comment("Generate idempotency key for payment callback");

Zero-Code Configuration

# To trace ID generation, explicitly include id in the focus list.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=id

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | ID | uuid_v7 | 0ms | OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | ID | uuid_v7 | 0ms | OK
Intent: Generate idempotency key for payment callback
Result: 019abc12-def3-7000-8000-000000000001

Money Module

Module identifier: Module::Money | Production default: AuditLevel::Silent

Code Example

let total = ctx.money().add(&subtotal, &tax)
    .comment("Calculate total including 6% VAT");

Zero-Code Configuration

# Trace monetary calculation in financial-audit scenarios.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=money

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | MONEY | add | 0ms | OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | MONEY | add | 0ms | OK
Intent: Calculate total including 6% VAT
Input: 1000.00 USD + 60.00 USD
Result: 1060.00 USD

Crypto Module

Module identifier: Module::Crypto | Production default: AuditLevel::Summary

Code Example

let encrypted = ctx.crypto().aes_gcm_encrypt(&data, &key)
    .comment("Encrypt PII before persisting to database");

Zero-Code Configuration

# Upgrade security-module audit to full output.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=crypto

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CRYPTO | aes_gcm_encrypt | 2ms | OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CRYPTO | aes_gcm_encrypt | 2ms | OK
Intent: Encrypt PII before persisting to database
Algorithm: AES-256-GCM
Size: 256B -> 272B

FullWithPayload:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | CRYPTO | aes_gcm_encrypt | 2ms | OK
Intent: Encrypt PII before persisting to database
Algorithm: AES-256-GCM
Size: 256B -> 272B
Input: [REDACTED]

Even at FullWithPayload, Crypto input and output values are redacted to prevent secrets, keys, and plaintext from leaking into logs.


JSON Module

Module identifier: Module::Json | Production default: AuditLevel::Silent

Code Example

let payload = ctx.json().parse(&raw_body)
    .comment("Parse incoming webhook payload from Stripe");

Zero-Code Configuration

# Debug webhook payload handling.
TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=json

Log Output

Silent — no output

Summary:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | JSON | parse | 0ms | OK

Full:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | JSON | parse | 0ms | OK
Intent: Parse incoming webhook payload from Stripe
Size: 4096B

FullWithPayload:

2026-06-04T09:15:00Z | a1b2c3d4 | philip | JSON | parse | 0ms | OK
Intent: Parse incoming webhook payload from Stripe
Size: 4096B
Content: {"id":"evt_1234","type":"payment_intent.succeeded","data":{"object":{"id":"pi_abc","amount":10000,"currency":"usd","status":"suc... (truncated to 128B)

Zero-Code Configuration Cheat Sheet

You can inject these variables when running the application or test suite. No recompilation is required.

| Scenario | Environment variables | Effect |
| --- | --- | --- |
| Production default, safest baseline | Do not set any audit environment variables | Entity and SQL output stay silent or summary; network and file modules use Full audit |
| Fully silent CI/test mode | TEAQL_AUDIT=_silent TEAQL_SQL=_silent TEAQL_TOOL=_silent | No audit-log overhead; maximum test performance |
| HTTP and file only | TEAQL_TOOL=_full TEAQL_TOOL_FOCUS=http,file | Filter tool logs to the selected modules |
| Full tracing for one table | TEAQL_SQL=_full TEAQL_SQL_TABLES=task_execution_log | Debug data issues for a specific table |
| Deep troubleshooting mode | TEAQL_AUDIT=_full TEAQL_SQL=_full TEAQL_TOOL=_full | Emit full output for all modules, including detailed parameters |
| Schema safety dry run | TEAQL_SCHEMA=_dryrun | Validate and print planned DDL without changing the database |
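
Because audit output changes with environment variables alone, a CI or test setting can reach production unnoticed. The pre-deploy check below is an added example, not part of TeaQL: `audit_findings` and `REQUIRED_TOOLS` are hypothetical names. The policy (entity, HTTP, File and Cmd audit stay at `_full`) and the reading of `TEAQL_TOOL_FOCUS` as excluding unlisted modules are assumptions drawn from the "Production default" lines and the cheat sheet on this page.

```rust
// Added example: a pre-deploy check, not part of TeaQL. Names and policy are
// assumptions based on the "Production default" lines on this page.
const REQUIRED_TOOLS: [&str; 3] = ["http", "file", "cmd"];

/// Returns one finding per variable that would reduce audit output in production.
pub fn audit_findings(env: &[(&str, &str)]) -> Vec<String> {
    let mut findings = Vec::new();
    for &(name, value) in env {
        match name {
            "TEAQL_AUDIT" | "TEAQL_TOOL" if value != "_full" => {
                findings.push(format!("{name}={value}: below _full"));
            }
            // Assumed semantics: modules missing from the focus list are filtered out.
            "TEAQL_TOOL_FOCUS" => {
                let listed: Vec<String> =
                    value.split(',').map(|m| m.trim().to_lowercase()).collect();
                for m in REQUIRED_TOOLS {
                    if !listed.iter().any(|l| l.as_str() == m) {
                        findings.push(format!("{name}={value}: drops {m}"));
                    }
                }
            }
            _ => {}
        }
    }
    findings
}

fn main() {
    // Check the real process environment; exit non-zero so a pipeline can gate on it.
    let vars: Vec<(String, String)> =
        std::env::vars().filter(|(k, _)| k.starts_with("TEAQL_")).collect();
    let pairs: Vec<(&str, &str)> =
        vars.iter().map(|(k, v)| (k.as_str(), v.as_str())).collect();
    let findings = audit_findings(&pairs);
    for f in &findings {
        eprintln!("audit config: {f}");
    }
    if !findings.is_empty() {
        std::process::exit(1);
    }
}
```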