AT
AuditTrailBundle Symfony audit bundle
Documentation
GET /symfony-audit-bundle
Symfony audit bundle • Doctrine audit logging • split-phase delivery

Symfony audit bundle for fast, reliable Doctrine audit logging.

AuditTrailBundle records Doctrine ORM entity changes, entity history, and access events so teams can build a reliable Symfony audit log for admin panels, compliance reviews, and recovery. By default it captures changes during flush and sends audits after postFlush so normal writes stay fast, while still giving you stricter delivery options when you need them.

Read Documentation View GitHub Install from Packagist
4.x docs quick start key features back to portfolio
package.summary
verified
Package rcsofttech/audit-trail-bundle
Docs Current public docs cover the 4.x release line
PHP 8.4+
Symfony 7.4+ or 8.0+
Doctrine ORM 3.6+
Core model Split capture, delivery, and persistence for safer Doctrine audit logging
install.sh
ready 
composer require rcsofttech/audit-trail-bundle

# Optional packages
composer require symfony/messenger
composer require symfony/http-client
composer require easycorp/easyadmin-bundle
Database transport HTTP transport Queue transport Profiler support
Compatibility

PHP 8.4+

Built for modern PHP and current Symfony projects rather than older compatibility layers.

Framework

Symfony 7.4+

Supports Symfony 7.4+ and 8.0+ with Doctrine ORM 3.6+ requirements documented in the README.

Delivery

3 transports

Database, HTTP, and queue delivery options let the bundle fit different operational needs.

Operations

Deferred by default

Capture happens during flush, while delivery runs after postFlush unless you choose stricter behavior.

// features

Why this Symfony audit bundle is different.

AuditTrailBundle is positioned around Doctrine-safe delivery, transport flexibility, audit integrity, access auditing, and operational clarity rather than just "log everything" behavior.

Split-phase architecture

Instead of pushing everything through one step, the bundle splits capture, delivery, and persistence so Symfony audit logging fits Doctrine flush rules better.

Multiple transports

Choose database, HTTP, or queue transports depending on whether you want local persistence, remote delivery, or async processing.

Sensitive data masking

Supports native #[SensitiveParameter] and custom #[Sensitive] attributes to help keep audit payloads safer.

Access auditing

Tracks sensitive entity read operations with built-in request deduplication and optional cooldowns across requests.

Conditional auditing

Use ignored properties and runtime conditions to reduce noisy audit logs and keep entity history easier to review.

Collection change tracking

Tracks to-many collection changes so your Doctrine audit logging does not stop at simple scalar diffs or partial entity history.

Revert and recovery

Includes revert support and dedicated documentation for recovery workflows instead of treating audit logs as write-only history.

Profiler and admin UI

Includes Symfony profiler support and EasyAdmin integration for audit review and operational visibility.

// architecture

Designed for Doctrine audit logging that respects the write path.

If you are evaluating a Symfony audit bundle or looking for an auditor-bundle alternative, this is the operational difference that matters most: capture and delivery are not forced into one brittle step.

split-phase-flow.txt
default
  • Capture changes during Doctrine onFlush.
  • Keep ORM-safe work inside the right part of the flush lifecycle.
  • Dispatch audits after postFlush by default so normal writes stay lighter.
  • Use a separate writer for deferred database writes instead of calling nested flush() inside postFlush.
Operational defaults

What production setups usually care about

  • Deferred delivery by default for lighter write pressure.
  • Option to keep stricter behavior when your audit and write must succeed together.
  • Failure handling and fallback behavior documented for HTTP and queue transport flows.
  • UUID v7 ordering and audit-reader constraints documented for operational safety.
// quick-start

Quick start for this Symfony audit bundle.

terminal.log
install 
composer require rcsofttech/audit-trail-bundle

php bin/console make:migration
php bin/console doctrine:migrations:migrate
entity.php
attribute 
use Rcsofttech\AuditTrailBundle\Attribute\Auditable;

#[Auditable(ignoredProperties: ['internalCode'])]
class Product
{
    // Track Doctrine entity changes and skip noisy fields
}
// integrity

Built for audit integrity, not just audit storage.

AuditTrailBundle can help with tamper detection, review, and safer payload handling alongside normal Symfony audit log capture.

HMAC signatures

Audit logs and transport payloads can be signed so tampering can be detected during verification.

Integrity verification

Command-line tools are available to audit your audit logs rather than assuming log rows were left untouched.

Request and user context

Track context that matters during review, including request and user-level audit data.

// use-cases

Common use cases for Symfony audit logging.

In practice, teams adopt Symfony audit logging for seven recurring jobs: entity history, admin accountability, read-access monitoring, compliance review, recovery, and transport-safe delivery. AuditTrailBundle is built around those real workflows.

Audit history

Track who changed what and when

Use this Symfony audit log bundle when your back-office or admin system needs a reliable history of entity changes, including request context, user context, and change details that help during support investigations.

Admin review

Give internal teams a clearer admin audit trail

EasyAdmin integration and Symfony profiler support make it easier to review audit logs during support, debugging, and operational investigations instead of leaving history buried in raw database tables.

Compliance review

Keep a cleaner audit trail for review workflows

For teams dealing with compliance logging, internal review, or regulated data flows, AuditTrailBundle supports sensitive data masking, audit integrity signing, and verification tooling instead of leaving review as an afterthought.

Access review

Monitor sensitive read access, not only writes

Some teams need a Symfony audit log that records who viewed sensitive data as well as who changed it. Access auditing helps cover that gap with request-level deduplication and optional cooldown behavior.

Recovery

Recover from bad writes and mistaken admin actions

Doctrine audit logging becomes much more useful when it also supports recovery. The bundle's revert and recovery features help when a bad import, incorrect update, or accidental change needs to be understood and rolled back safely.

Low-noise logs

Keep audit history cleaner with conditional logging

Conditional auditing and ignored properties help reduce audit noise from fields that do not matter during review, which keeps change history more useful for support and compliance work.

Transport choice

Match audit delivery to your production architecture

Some teams want local database persistence, some need remote HTTP delivery, and others want queue-based async processing. AuditTrailBundle supports database, HTTP, and queue transports so your Symfony audit bundle can fit the way your application actually runs.

// faq

Frequently asked questions about AuditTrailBundle.

These FAQs focus on the actual product behavior developers usually want to confirm before installing a Symfony audit bundle.

What is AuditTrailBundle?

It is a Symfony audit bundle for Doctrine ORM entity change tracking.

AuditTrailBundle records Doctrine ORM entity changes and stores audit logs, with a design that keeps normal writes lighter by default.

How does it stay Doctrine-safe?

It avoids unsafe nested flush behavior in postFlush.

Deferred database writes use a separate writer rather than calling flush() from inside Doctrine postFlush.

What transports are supported?

Database, HTTP, and queue transports are supported.

Symfony Messenger can support async database or queue transport flows, while Symfony HttpClient can support HTTP delivery.

Does it support masking and revert?

Yes, both sensitive data masking and revert workflows are included.

The package documentation also covers recovery, integrity signing, verification, request context, and EasyAdmin / profiler integration.

Can it audit read access?

Yes, it can audit sensitive read operations as well as write changes.

The bundle includes access auditing with request-level deduplication and optional cooldown support for cross-request review workflows.

Can it reduce noisy logs?

Yes, conditional auditing and ignored properties help keep history cleaner.

You can skip unnecessary fields and apply runtime rules so your Symfony audit log stays more useful during admin review, support, and compliance checks.

next-step.sh
cta

Install AuditTrailBundle and explore the full docs.

AuditTrailBundle is a strong fit for teams that need a Symfony audit bundle with Doctrine-safe delivery, transport flexibility, audit integrity support, and practical recovery workflows.

Open Documentation Open Packagist Read the README