SOC2 · ISO 27001 · GDPR

Log every action in your product.
Instantly.

Add audit logs to your product in 3 lines of code. Storage, search and compliance, handled for you.

01, USE CASES

Why teams use Recalled

Three concrete reasons devs drop an audit SDK into their product.

  • Track every action

    Who deleted this invoice? Who changed this permission? Record every user action with who, what, when, from where. Your support team has the answer in two clicks.

  • Stay audit-ready

    SOC2, ISO 27001, GDPR. Your enterprise customers and auditors will ask for a trail. Recalled gives them a signed, exportable, compliant audit log out of the box.

  • Keep your database lean

    Audit logs grow fast and slow down production queries. Recalled stores events off-site, indexed for search, with configurable retention. Your main DB stays focused on your product.

02, INTEGRATE

Three lines, you are done

An npm SDK for JavaScript and TypeScript, a REST API for everything else. Use whatever language you ship in.

node.js
# npm install recalled

import { Recalled } from 'recalled'

const client = new Recalled({
  apiKey: process.env.RECALLED_KEY
})

await client.events.create({
  action: 'invoice.deleted',
  actor: { id: 'user_123' }
})
rest api
curl -X POST https://api.recalled.dev/v1/events \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "action": "invoice.deleted",
    "actor": {
      "id": "user_123"
    }
  }'
03, FEATURES

Built for developers

Stop building your own audit log. We do the boring part so you can ship the rest.

  • Event tracking

    Record every user action, create, update, delete, login, permission granted, with who, what, when, from where.

  • Search and filters

    Full-text search across all events. Filter by user, action, resource, date range, IP. Real-time results, cursor pagination.

  • Embeddable UI

    A React component or iframe you embed directly in your app dashboard. White label, no leaving your product.

  • Export and streaming

    CSV or JSON export on demand. Webhook to stream to a SIEM (Datadog, Splunk, Elastic). Configurable retention.

  • Tamper proof

    Each event is cryptographically signed. Impossible to modify after insertion. Hash chain to prove integrity to an auditor.

  • Analytics dashboard

    Activity overview, event spikes, top actions, most active users. Alerts on anomalous behavior.

04, COMPLIANCE

The compliance box, ticked for you

SOC2, ISO 27001, GDPR. Your enterprise customers and auditors will ask for an audit trail. Recalled gives them what they expect, with EU hosting, AES-256 encryption at rest, configurable retention, and a one call delete for the right to erasure.

SOC2 readyISO 27001GDPREU hostingAES-256Right to erasure