Does keto record some sort of audit trail? If so is there a hooks system similar to Kratos whereby these audited events can be sent to a 3rd party audit store? I noticed this issue is marked as completed: https://github.com/ory/keto/issues/721

Hello @curved-ram-6189 see the documentation here: https://www.ory.sh/docs/self-hosted/operations/logging We are also working on something related to audit trails, feel free to reach out to @curved-nail-40535 if you are interested in sharing a bit what your requirements would be for a complete audit/logging system for Keto.

@magnificent-energy-493 @curved-nail-40535 Thanks. I think we would want at least the action, the subject of the action, the target if applicable, a timestamp, error indicator (is this event an error), any permissions info (e.g. added permission X, removed permission X, access denied due to permission X). Definitely all events around access decisions in Keto are desired, but it should be uniform throughout all the Ory stack. It seems from my research that the plan is to rely on the logging pipeline, which may not be the best approach for an authoritative audit record. I think it would make much more sense to implement a hooks system similar to Kratos, or create an entirely new events api that can be gathered up. This is essentially a determining factor for us adopting the Ory stack. Is there any kind of timeline on when even an initial implementation would be ready for testing?

@curved-ram-6189 We are currently in the planning for this and aim for a release around Q4 this year. Question from my side: Are you planning to adopt Ory in a self hosting scenario, or aiming for Ory Network?

Self-hosting. In the mean time we may try to build something, or try to siphon what we need from the logs. I'm not sure the logs contain all the information we might need for an audit scenario though.

Hey @curved-ram-6189. Quick info: Maybe you've seen that we are currently conducting research to improve metrics in Ory’s software. This maybe also interesting for you to give sharing your perspective on this topic. You can find the complete message and the link to the interview sign-up in the #announcements channel.

Definitely! Thanks!

Of course. We would be also interested in feedback what you are planning to do in the future and how Ory could support you on this