𝗗𝗲𝘀𝗶𝗴𝗻𝗶𝗻𝗴 𝗔𝗻 𝗘𝘃𝗲𝗻𝘁 𝗦𝗼𝘂𝗿𝗰𝗲𝗱 𝗔𝘂𝗱𝗶𝘁 𝗧𝗿𝗮𝗶𝗹

𝗗𝗲𝘀𝗶𝗴𝗻𝗶𝗻𝗴 𝗔𝗻 𝗘𝘃𝗲𝗻𝘁-𝗦𝗼𝘂𝗿𝗰𝗲𝗱 𝗔𝘂𝗱𝗶𝘁 𝗧𝗿𝗮𝗶𝗹

Financial software needs a strong audit trail. You need to know who did what and when. Event sourcing is the best way to do this.

It creates a log you cannot change. Replay events to fix errors or meet laws.

Your system needs these parts:

• Domain services send events.
• Kafka moves the data.
• Postgres stores the logs in partitions.

Your event data needs these fields:

• Unique ID.
• Event type.
• Timestamp.
• Correlation ID to link steps.
• JSON payload for data.

Protect private data. Do not store PII in the logs. Mask sensitive fields. Redact data when you export it.

Avoid these mistakes:

• Do not use the audit log as your main database.
• Do not skip schema versions.
• Do not store plain IDs.

Track your performance. Monitor how fast events move from the service to the store. Check for missed messages.

Source: https://dev.to/therizwansaleem/designing-an-event-sourced-audit-trail-for-a-financial-microservice-3ol3