Tamper-evident Audit Log
The manager audit log is hash-chained: each entry carries a SHA-256 hash that chains the one before it. Change or delete any row and the chain breaks — so the log becomes an integrity-proof record you can stand behind for compliance and forensics.
- Topic: Compliance · Forensics
- Integrity: SHA-256 hash chain
- Maps to: UU PDP · ISO 27001
- API: /audit · /audit/verify
What it does
Every audited action the manager records is linked to the previous entry by a SHA-256 hash. The result is a chain: the hash of each row depends on the row before it, so editing or removing any entry in the middle invalidates everything after it. That makes silent tampering detectable — you do not just have a log, you have a log you can prove wasn't altered.
- Hash-chained — each entry chains the previous with SHA-256.
- Verifiable — a single command re-walks the chain and tells you if it holds.
- Forensic-grade — pinpoints the first tampered entry, not just "something is wrong".
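To make the chain concrete, here is an added Python example (not the manager's own code) that builds a small log, chains each entry to the previous one with SHA-256, and re-walks it the way /audit/verify does, returning ok, entries, tampered_at_id and tip_hash. The exact hashing rule (SHA-256 over the previous hash plus the entry's canonical JSON) and the all-zero genesis value are assumptions, and the entries are constructed sample data.

```python
import hashlib
import json

# Added example, not the manager's own code. Assumed chaining rule:
# hash = SHA-256(prev_hash || canonical JSON of the entry's own fields).
GENESIS_HASH = "0" * 64  # assumed anchor for the first entry


def entry_hash(prev_hash: str, entry: dict) -> str:
    """Hash the entry's own fields together with the previous entry's hash."""
    fields = {k: v for k, v in entry.items() if k not in ("hash", "prev_hash")}
    payload = json.dumps(fields, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append_entry(log: list, entry_id: int, actor: str, action: str, ts: str) -> dict:
    """Append an entry chained to the current tip of the log."""
    prev_hash = log[-1]["hash"] if log else GENESIS_HASH
    entry = {"id": entry_id, "actor": actor, "action": action, "ts": ts, "prev_hash": prev_hash}
    entry["hash"] = entry_hash(prev_hash, entry)
    log.append(entry)
    return entry


def verify_chain(log: list) -> dict:
    """Re-walk the chain and return the same fields as GET /audit/verify.
    tampered_at_id is the first row whose stored prev_hash or hash disagrees
    with the chain, so an edited, reordered or deleted row is reported at the
    first row after the damage."""
    prev_hash = GENESIS_HASH
    tip_hash = log[-1]["hash"] if log else GENESIS_HASH
    for entry in log:
        if entry["prev_hash"] != prev_hash or entry_hash(prev_hash, entry) != entry["hash"]:
            return {"ok": False, "entries": len(log), "tampered_at_id": entry["id"], "tip_hash": tip_hash}
        prev_hash = entry["hash"]
    return {"ok": True, "entries": len(log), "tampered_at_id": None, "tip_hash": tip_hash}


def build_sample_log() -> list:
    """Constructed sample entries, not real audit data."""
    log = []
    append_entry(log, 1, "alice", "login", "2024-01-01T00:00:00Z")
    append_entry(log, 2, "bob", "delete-user", "2024-01-01T00:01:00Z")
    append_entry(log, 3, "alice", "logout", "2024-01-01T00:02:00Z")
    return log


if __name__ == "__main__":
    log = build_sample_log()
    print(verify_chain(log))        # ok True, tampered_at_id None
    log[1]["action"] = "view-user"  # silently edit the middle row
    print(verify_chain(log))        # ok False, tampered_at_id 2
```

The walk alone cannot notice that the newest entry was dropped off the end, which is exactly why the Tips below recommend recording tip_hash externally.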
How to use it
List recent audit entries (cap the count with --limit), then re-walk the chain:

nexus-cli audit --limit 200
nexus-cli audit-verify

The verifier returns ok, the number of entries checked, tampered_at_id (the first broken entry, if any) and the current tip_hash of the chain.
REST API

GET /audit          # list audit entries
GET /audit/verify   # { ok, entries, tampered_at_id, tip_hash }

Why it matters for compliance
Auditors and incident responders need to trust the record. A hash-chained trail gives them cryptographic assurance that the history of who-did-what-when has not been quietly rewritten — directly supporting integrity controls in UU PDP and ISO 27001, and standing up as evidence during forensics.
Tips
- Run nexus-cli audit-verify on a schedule and alert if ok is false.
- Record the tip_hash externally (e.g. in a ticket) to anchor a point in time.
- A non-null tampered_at_id tells you the exact entry to investigate first.