**System Design practice, Q2 (medium)**

Design an audit logging system that is tamper-proof.

Your enterprise client operates in a regulated industry (financial services). They need an audit log of all user actions that is:

- Tamper-proof (no deletion or modification after write)
- Queryable (search by user, time range, action type)
- Retained for 7 years
- Compliant with SOC 2 and GDPR

**Design this system.**
**Solution**
**Key design decisions:**

1. **Append-only store.** Write each entry to immutable object storage (S3 with Object Lock in compliance mode, i.e. WORM, with a 7-year retention period). In compliance mode no principal, including the account root, can shorten the retention or delete the object before it expires, which is what makes the store itself tamper-proof rather than merely access-controlled.
2. **Cryptographic chaining.** Each entry includes the hash of the previous entry (blockchain-lite). This makes tampering detectable: any modification, deletion or reordering of entries breaks the chain when it is re-verified. A bare chain does not detect removal of the newest entries, so periodically sign the current head hash and publish it to a store the log writers cannot reach; a verifier then checks the chain against that checkpoint.
3. **Query layer.** Index entries in Elasticsearch or OpenSearch for search by user, time range and action type. The index is a derived, rebuildable copy; the WORM store stays the source of truth, and chain verification runs against it, not against the index.
4. **Tiering.** Hot (0-90 days) in fast storage, cold (90 days to 7 years) in S3 Glacier via lifecycle transitions, so the locked objects remain under retention after they move.
5. **GDPR tension.** Keep PII out of the audit event itself: store it in a separate table and reference it from the event by an opaque subject token. The chain hashes the token, not the PII, so deleting the PII record satisfies an erasure request while the anonymized audit event and every hash in the chain stay valid. Had the PII been hashed into the entry, erasing it would break verification.
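Decisions 2 and 5 above, as an added worked example (Python, written for this page, not code from the original page or from any product it names). An in-memory list stands in for the S3 Object Lock store and the `query` method for the search index; `verify_chain` recomputes every hash and link and so catches modified, deleted or reordered entries, and the optional anchored head hash (a checkpoint step assumed here, beyond what the page lists) catches truncation of the tail. PII lives in a separate table keyed by an opaque token, so `erase_subject` removes a user's data without invalidating any hash. Entry fields, token generation and the sample events are all constructed for the example.

```python
import hashlib
import json
import secrets
from dataclasses import dataclass
from typing import Optional

GENESIS = "0" * 64  # prev_hash carried by the first entry in the chain


@dataclass(frozen=True)
class Entry:
    seq: int
    ts: int              # unix seconds
    subject_ref: str     # opaque pointer into the PII table, never the PII itself
    action: str
    prev_hash: str
    entry_hash: str


def _canonical(obj) -> bytes:
    # Canonical JSON so the hash does not depend on key order or whitespace.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def compute_hash(seq: int, ts: int, subject_ref: str, action: str, prev_hash: str) -> str:
    """SHA-256 over the entry's own fields plus the previous entry's hash."""
    return hashlib.sha256(_canonical({
        "seq": seq, "ts": ts, "subject_ref": subject_ref,
        "action": action, "prev_hash": prev_hash,
    })).hexdigest()


class AuditLog:
    """Append-only, hash-chained log. The chain references people only by an
    opaque token, so erasing a subject's PII row leaves every hash valid."""

    def __init__(self):
        self.entries: list[Entry] = []    # stand-in for the WORM object store
        self._pii: dict[str, dict] = {}   # subject_ref -> PII record (deletable)
        self._ref_by_email: dict[str, str] = {}

    def subject_ref(self, email: str) -> str:
        """Stable random token for a user; created on first use (assumed scheme)."""
        if email not in self._ref_by_email:
            ref = secrets.token_hex(16)
            self._ref_by_email[email] = ref
            self._pii[ref] = {"email": email}
        return self._ref_by_email[email]

    def append(self, ts: int, email: str, action: str) -> Entry:
        seq = len(self.entries)
        prev = self.entries[-1].entry_hash if self.entries else GENESIS
        ref = self.subject_ref(email)
        entry = Entry(seq, ts, ref, action, prev, compute_hash(seq, ts, ref, action, prev))
        self.entries.append(entry)
        return entry

    def head(self) -> str:
        """Hash of the newest entry: the value a checkpoint would sign and publish."""
        return self.entries[-1].entry_hash if self.entries else GENESIS

    def erase_subject(self, email: str) -> None:
        """GDPR erasure: drop the PII row only; chained events are untouched."""
        ref = self._ref_by_email.pop(email, None)
        if ref is not None:
            self._pii.pop(ref, None)

    def resolve(self, ref: str) -> Optional[dict]:
        return self._pii.get(ref)

    def query(self, email=None, start=None, end=None, action=None) -> list[Entry]:
        """Filter by user, time range and action type (the search-index role)."""
        ref = self._ref_by_email.get(email) if email else None
        if email and ref is None:
            return []
        return [e for e in self.entries
                if (ref is None or e.subject_ref == ref)
                and (start is None or e.ts >= start)
                and (end is None or e.ts <= end)
                and (action is None or e.action == action)]


def verify_chain(entries: list[Entry], expected_head: Optional[str] = None) -> bool:
    """Recompute every hash and link. Detects modified, deleted and reordered
    entries; with expected_head it also detects entries dropped from the tail."""
    prev = GENESIS
    for i, e in enumerate(entries):
        if e.seq != i or e.prev_hash != prev:
            return False
        if compute_hash(e.seq, e.ts, e.subject_ref, e.action, e.prev_hash) != e.entry_hash:
            return False
        prev = e.entry_hash
    return expected_head is None or prev == expected_head
```

In production the `entries` list becomes the Object Lock bucket, `query` becomes the OpenSearch index (rebuildable from the bucket), and `head()` is signed and written to a checkpoint location the log writers cannot modify; verification is then run against the bucket, never against the index.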