Architecture patterns in Audit Log
Patterns for ingesting, storing and retrieving authentication and authorisation events.
Audit Log separates asynchronous ingestion from storing and reading security events.
Queue-based ingestion
Azure Functions read queue events and forward them to the Audit Log API.
Benefits: Loose coupling, traffic buffering and retries.
Drawbacks: Events are eventually consistent, may be duplicated and require dead-letter monitoring.
Code examples
Separate event streams over shared layers
Authentication and authorisation events use parallel models, services, repositories and controllers.
Benefits: Domain differences remain explicit.
Drawbacks: Parallel layers can duplicate code and diverge.
Code examples
Time-based database partitioning
A hosted service creates database partitions through a dedicated repository.
Benefits: Predictable queries and manageable retention.
Drawbacks: Missing partitions can stop writes; cleanup must follow retention requirements.
Code examples