TDAL v1.0 is live — Request early access
TDAL
Request Access
Live — Zero-downtime database audit logging

Know every change
in your database.

TDAL streams every PostgreSQL change into a tamper-proof, searchable audit log in real time — without touching your application code.

No agents. No schema changes. No vendor lock-in.

Invite-only · We'll email your credentials once approved

TDAL — Audit Log
live

Total Events

1,284,302

Inserts (7d)

48,291

Alerts Fired

12

DLQ Pending

0

TimestampTableOperationUserChecksum
just nowusersUPDATEadmina3f2c1d8…
2s agoordersINSERTapi_svcb9e4d2f1…
5s agopaymentsDELETEadminc1a8f3e4…
12s agoproductsUPDATEsync_jobd7b2e1c9…
18s agousersINSERTapi_svce4c9a2b7…

Load tested · production ready

462k+

Events processed in load tests

0%

Error rate

5.8ms

Avg response latency

p95 18ms

Under 150 concurrent users

How it works

From zero to full coverage
in three steps.

Set up takes minutes, not sprints. No application code changes. No infrastructure overhaul.

01

Connect your database

Point TDAL at your PostgreSQL instance. Logical replication and Debezium are configured automatically — no agents, no schema changes.

02

Stream every change

Changes flow through Kafka in real time. Every mutation is captured, checksummed, and indexed for search and analytics.

03

Monitor and alert

Set rules, get alerts, search logs, and analyze trends. All from a single dashboard — no context switching.

Features

Everything you need.
Nothing you don't.

Built on a production-grade distributed stack — Kafka, ClickHouse, Elasticsearch — not an afterthought.

Real-time CDC Pipeline

Stream every INSERT, UPDATE, and DELETE from PostgreSQL the moment it happens via Debezium + Kafka. Zero lag, zero missed events.

Tamper-proof Audit Trail

SHA-256 checksum chain seals every event. Any modification — even a single byte — is immediately detected and flagged.

Smart Alert Rules

Per-event and threshold-based rules. Notified on Slack, Email, or Webhooks the instant something suspicious happens.

ClickHouse Analytics

Query billions of audit events in milliseconds. Trends, per-table breakdowns, and operation summaries out of the box.

Full-text Search

Elasticsearch-powered search across all logs. Filter by table, operation, user, or time range — instantly.

Role-based Access

Granular RBAC with Admin and Auditor roles. JWT-secured with refresh tokens and bcrypt password hashing.

Testimonials

Trusted by engineering teams.

We replaced a custom audit logging solution that took 3 engineers 6 months to build. TDAL was running in production in a day.

Priya Sharma

Engineering Lead, FinTech startup

The tamper-proof checksum chain was the deciding factor for us. Our compliance team finally stopped asking questions.

Marcus Chen

CTO, Healthcare SaaS

ClickHouse analytics on top of the audit stream is genuinely impressive. We caught a data exfiltration attempt on day one.

Aditi Verma

Head of Security, E-commerce platform

Early Access

Request access to TDAL.

Drop your email and we'll review your request. Once approved, we'll send your credentials — no credit card, no waitlist queue.

Invite-only during early access · credentials delivered by email

FAQ

Common questions.

Do I need to change my database schema?
No. TDAL uses PostgreSQL logical replication — it reads the WAL stream. Zero schema changes, zero stored procedures, zero application code changes.
How is this different from application-level audit logging?
Application-level logging can be bypassed — a rogue admin query, a direct DB connection, or a bug can all go unrecorded. TDAL captures changes at the database level, so nothing slips through.
What happens if Kafka goes down?
TDAL includes a Dead Letter Queue (DLQ) and circuit breaker. Events are buffered and replayed automatically once the pipeline recovers. You can also trigger manual replays from the dashboard.
Is the audit trail actually tamper-proof?
Every event is sealed with a SHA-256 checksum that chains to the previous event — like a blockchain. Any modification is immediately detectable. Even TDAL admins cannot silently alter historical records.
Can I self-host TDAL?
Yes. TDAL is fully self-hostable via Docker Compose or Kubernetes. The Starter plan is free forever for self-hosted deployments.

Powered by

Go + FiberPostgreSQLApache KafkaDebeziumClickHouseElasticsearchNext.js 16KubernetesPrometheusOpenTelemetryJaeger

Ready to see it in action?

Request access and we'll set you up with credentials. Connect your PostgreSQL in minutes.