Audit log on queries done to contracts on Daml Hub or through Ledger API

As a user of Daml Hub is there a way in which to extract an audit log of actions executed by this user through Daml Hub or the Ledger API (through the JSON API)?

Example: As an operator (with an “account@domain” on Daml Hub) I initiated workflows with another party on Daml Hub (from “anotherAccount@sameDomainAsAbove”) that provides access to various contracts to execute other workflows and gets visibility on contracts. Would there be a way in which the logs on operations executed by this other user through Daml Hub or directly to the Ledger API could be retrieved directly from Daml Hub for compliance purposes?

In this case I’d be interested in extracting an audit log of operations that do not have effects on the ledger (queries).

For the write-side, the transaction stream (available over the gRPC Ledger API) would be this audit log.

For the read-side, although we have an internal access logs, we unfortunately do not make these publicly available.

But as part of a potential feature request, could you outline more specifically what you are looking for?

1 Like

Essentially as part of a potential compliance requirement it could be deemed necessary to have a vision on what certain parties were querying.

E.g.: as an application manager I queried data on customer data held on a contract between the customer and the company (application manager queries in a “readAs company” manner or has direct access to the contract). The company may have to provide an audit on its employees actions on seeing sensitive information to regulators.

This would also include access through Daml Hub or directly through the Ledger API in case the application was to be deployed on Daml Hub