// the find
thepirat000/Audit.NET
An extensible framework to audit executing operations in .NET
Audit.NET is a structured audit logging framework for .NET that captures before/after state, execution context, and exceptions for any operation you wrap in an AuditScope. It ships integrations for EF Core, WebAPI, MVC, gRPC, HttpClient, MediatR, Hangfire, and SignalR, plus output providers for basically every storage target you'd consider. If you need to answer 'what changed, when, and who did it' in a .NET app, this is the library to reach for.
The EF Core integration is the strongest part — you get column-level change tracking with old/new values without writing any serialization code yourself, just inherit from AuditDbContext. The output provider abstraction is genuinely pluggable: ConditionalDataProvider, PollyDataProvider, and DeferredFactory let you route and retry logs without touching audit call sites. The IAuditScopeFactory interface plays well with DI and is mockable, so unit testing audited code doesn't require exotic workarounds. The OpenTelemetry span provider is a nice addition — audit events as OTEL spans means you can route them through your existing observability pipeline instead of a separate store.
Global static configuration (Audit.Core.Configuration.DataProvider) is a trap in multi-tenant or test-heavy codebases — it's a shared singleton that can bleed between tests if you're not careful with setup/teardown. The EF Core interceptor approach and the AuditDbContext inheritance approach can coexist in the same app but interact in non-obvious ways; the docs underplay this. There's no built-in redaction or PII scrubbing — if your tracked objects contain passwords or tokens, they go into the audit log verbatim, and you're on your own to exclude them via [AuditIgnore] or custom serialization. The sheer number of packages (30+) makes dependency management annoying; adding the EF provider pulls in a different package from the EF data provider, and it's easy to grab the wrong one.